Mark, That's not quite accurate. SELinux controls can be enabled to neuter root's power. Cheers, Harry On 02/06/2014 10:12 AM, m.roth@xxxxxxxxx wrote: > postmaster@xxxxxxxx wrote: >> Paul, >> >> For "Anyone" it wouldn't be a problem, but a root user is allowed to do >> anything. >> >> So a root is always be able to stop a process on the system. >> >> Think of a solution to lock ssh access (sshd_config) for everyone, but >> you. >> >> And even this is no 100% solution. >> > And two cents from someone who's really isn't deeply into selinx: a root > user could always > $ echo 0 >/selinux/enforce > and then, with selinux in permissive mode, could do anything root could > normally do (i.e., anything). > > mark > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
