On 10/25/10 19:20, Shaz wrote: > I want to confine a Java application with SELinux policy so I wanted to > know how I can really do that. Will the application be visible to the > native platform with SELinux? Or only the Java VM is visible and that we > use Java ACL to confine the application inside the VM? You can only confine the JVM. If there is more than one application in the JVM, they will not be separable by SELinux. So if you want separation between two or more Java applications enforced by SELinux, they would have to run in separate JVMs. -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
