On Wed, 2005-05-25 at 13:03 -0400, Valdis.Kletnieks@private wrote: > On Wed, 25 May 2005 12:37:59 EDT, Stephen Smalley said: > > > The difficulties in creating an effective jail have nothing to do with > > SELinux per se, and trying to do one without the full range of control > > offered by SELinux is likely to expose you to holes. > > Right. The point was that even if you *are* using SELinux, trying to > satisfy a security policy that says "A chrooted process may not..." > is difficult. Why would your security policy specify implementation details like chroot? A more sensible security policy would be something like "BIND cannot affect the PostgreSQL server". With SELinux you can analyze all the information flow from named_t to postgresql_t. With a chroot you have no such guarantees. Your security goals should drive your implementation choices, not the other way around.
This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 10:20:36 PDT