Hi, On Fri, Oct 02, 2009 at 09:16:38AM +0200, Carl Fredrik Hammar wrote:
> A secure way to use it on the entire filesystem would be to make use > of settrans -C flag, to start a shell chrooted to nsmux but not > actually set on /. This way only programs started from the shell > would be affected. > > That is something like: > > settrans -C bash -- / nsmux ... Ah, that's interesting... I noticed the --chroot feature a couple of times, but never thought about it long enough to come up with actual use cases... And it seems to be just what we need :-) -antrik-