On Wed, 25 May 2005 12:47:42 EDT, Stephen Smalley said:

> BTW, SELinux does support dynamic context transitions these days via
> setcon(3). Not that I'd recommend using it over exec-based
> transitions, mind you, but it does exist.

That *does* solve half the chroot problem. Still gotta write policy, but at least you're only having to add one setcon() call to /sbin/chroot rather than having to make sure that you relabel every binary that gets put into the chroot jail.... :)