Yes. It is wise. If you have an application that writes sensitive data, you may not want your admins to have access to it as root, either for accounting reasons or otherwise. Maarten Broekman Email: maarten.broekman@xxxxxxx -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Laszlo BERES Sent: Monday, July 28, 2008 10:13 AM To: General Red Hat Linux discussion list Subject: Re: ACL Mark Haney wrote: > Are you saying you can deny root access to a file with SELinux? Is that > ever wise? Yes, it's possible. Wise or not, there are many scenarios when root shouldn't see stored data, but have to administer basic system services. -- Laszlo BERES RHCE, RHCX senior IT engineer, trainer -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
