[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security features of Debian Etch?



On Sunday 27 May 2007 10:49, Németh Tamás <nice@titanic.nyme.hu> wrote:
> Does Debin Etch have some extra chroot
> restrictions, /dev/mem, /dev/kmem, /dev/port, /proc/<PID>/stat,
> /proc/<PID>maps, Linux privileged I/O related or other security
> enhancements beyond to the security of the vanilla Linux kernel?

The SE Linux support in Etch will address some of your requirements in this 
regard.

SE Linux is not based on chroot but on the "domain" of the program in 
question.  So a program can be run without chroot but still have great 
restrictions applied to it.

-- 
russell@coker.com.au
http://etbe.coker.com.au/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development



Reply to: