Re: Debian Stable server hacked
On Wed, 2003-08-13 at 16:02, Colin Walters wrote:
> Let me give an example of how SELinux protects my machine (verbum.org).
> My blog is a Python script (pyblosxom) which runs in a domain called
Oh, and what I forgot to mention about this domain is that it doesn't
have write access to any files, for example. Nor (obviously) can it use
the mount syscall. And those restrictions carry over to any other
program it executes, including /bin/sh, /bin/ls, /bin/mount, whatever.