Re: Security features of Debian Etch?
On Sunday 27 May 2007 10:49, Németh Tamás <nice@titanic.nyme.hu> wrote:
> Does Debin Etch have some extra chroot
> restrictions, /dev/mem, /dev/kmem, /dev/port, /proc/<PID>/stat,
> /proc/<PID>maps, Linux privileged I/O related or other security
> enhancements beyond to the security of the vanilla Linux kernel?
The SE Linux support in Etch will address some of your requirements in this
regard.
SE Linux is not based on chroot but on the "domain" of the program in
question. So a program can be run without chroot but still have great
restrictions applied to it.
--
russell@coker.com.au
http://etbe.coker.com.au/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
Reply to: