-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/13/2010 09:53 AM, James Cammarata wrote: > > On Wed, 14 Apr 2010 10:30:27 -0400, Daniel J Walsh <dwalsh@xxxxxxxxxx> >> We are very careful of what we backport and sudo has not come up on the >> priority list. With Shipping versions of RHEL we are hesitant to make >> major modifications that could cause a regression. > > Understood, I'm just surprised that running SElinux in strict mode breaks > sudo isn't more of a priority. Are that few people using strict mode? > Well it depends on your definition of broken. The way SELinux was originally designed was to use newrole to change your role and sudo to change your UID. Only in RHEL6 is sudo able to do both. Strict policy is not used that much. Although MLS policy is based on Strict policy, but those people are a lot more used to the concept. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvF8iYACgkQrlYvE4MpobP1QACfdcivA4idxYIBcOFyyo/4pwZt AwoAn36fyQa6gZTKxymSvQM2Xhnv1fgN =tFRi -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
