On Sat, 2006-03-04 at 14:14 -0500, Chris Tyler wrote: > Should we consider bind-chroot obsolete, since SElinux should be able > to provide similar protection (preventing named from touching files it > should not, even if compromised)?
Most definitely not. Chroot is simple and effective; I've still never been able to install and use SElinux without it breaking things. -- dwmw2
