On 01/13/2017 08:48 PM, Daniel J Walsh wrote: > http://rhelblog.redhat.com/2017/01/13/docker-0-day-stopped-cold-by-selinux/ good job, but a minor suggestion. you raise the impression that SELinux did this, and even though SELinux made this possible, your policy is what actually achieved this by telling SELinux what to do. I think it is important to make this distinction, not for us, but for the crowd that is not so familiar with the matter. People often blame/praise SELinux for the policy it enforces. > > _______________________________________________ > Selinux mailing list > Selinux@xxxxxxxxxxxxx > To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. > To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx. > -- Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Dominick Grift
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
