Re: [CentOS] How to prevent root from managing/disabling SELinux

2015-01-26 Thread Stephen Harris
On Mon, Jan 26, 2015 at 03:29:23PM -0500, Daniel J Walsh wrote:
> You could also set the secure_ booleans

Is this in addition to or instead of removing unconfined users?

> getsebool -a | grep secure_*
> secure_mode --> off
> secure_mode_insmod --> off
> secure_mode_policyload --> off

Without r

Re: [CentOS] How to prevent root from managing/disabling SELinux

2015-01-26 Thread Daniel J Walsh
On 01/23/2015 06:01 PM, Stephen Harris wrote:
> At work I'm used to tools like eTrust Access Control (aka SEOS). eTrust
> takes away the ability to manage the eTrust config from root and puts it
> in the hands of "security admin". So there's a good separation of duties;
> security admin control

[CentOS] How to prevent root from managing/disabling SELinux

2015-01-23 Thread Stephen Harris
At work I'm used to tools like eTrust Access Control (aka SEOS). eTrust takes away the ability to manage the eTrust config from root and puts it in the hands of "security admin". So there's a good separation of duties; security admin control the security ruleset, but are limited by the OS permiss