On Wednesday, December 08, 2010 12:17:40 pm Les Mikesell wrote:
But your question was what to do if you choose to ignore the simple and available tools - things available and well understood on many platforms.
VM = complex. Not to mention proprietary (for all but KVM) and resource-wasteful. Switch User = inconvenient to the extreme, and disruptive of normal workflow.
I've done both, and neither are workable solutions for the majority of users, especially on the desktop. Both are more complex than SELinux *could* be, with some effort.
SELinux is available for every major Linux distribution (including Ubuntu). It's on by default in RHEL/Fedora and most derivatives. And there's the TrustedBSD project's SEBSD port.
Sounds like a budding standard to me, and something worth learning. Time to expand your horizons, not put your head in the sand.