Desktop platforms Toolkit
Story: Red Hat readies Enterprise Linux 4
Posted by: Anonymous (Tuesday 18 January 2005, 9:14 PM)
> SELinux cannot provide any protection against flawed
> software that is running as a root user, according to
> information on Red Hat's Web site.
should probably be:
| RHEL4's default SELinux policy provides complete
| protection for network-facing applications that
| could be running as a root user.
|
| RHEL4's default SELinux policy does not provide any
| protection against arbitrary flawed software that is
| running as a root user, according to information on Red
| Hat's Web site.
Russell Coker, http://www.linuxjournal.com/article/7955 :
> The "targeted" policy which is in Fedora Core 3 and will
> be in Red Hat Enterprise Linux 4 solves this. It restricts
> only the daemons that are at most danger (network
> facing daemons initially but as we progress we will add
> other daemons to the list). This stops quite a number of
> attack vectors while having no restrictions on users
> who login to the system. Of course this means that
> targeted policy doesn't prevent a local user from
> attacking the system, but that is a trade-off that the
> administrator can make for ease of use.
Full Talkback thread
