Re: chroot administration
On Wed, Aug 14, 2002 at 11:50:14AM +0100, Sam Vilain wrote:
> You might want to investiage `security contexts', a new kernel feature
> that can be used for virtual IP roots as well as making processes in
> one context (even root) not able to see other contexts' processes.
> The userland utilities also offer a way to remove Linux's capabilities
> (eg, to disallow raw sockets or bypassing filesystem permissions).
>
> http://www.solucorp.qc.ca/miscprj/s_context.hc
Does this avoid selinux's patent encumbrance issues?
--
Mike Stone
Reply to: