ned at unixmail.co.uk
Tue Aug 12 14:06:36 UTC 2008
Ralph Angenendt wrote:
> Ned Slider wrote:
>> Hi list,
>> I've knocked up a contribution on SELinux here:
>> I've tried to pitch it as an introduction for those not already familiar
>> with SELinux but also hopefully a useful reference.
> Great article.
> What maybe should be added to the article is the fact, that SELinux
> doesn't need programs to be changed, meaning that programs do not (need
> to) know about SELinux at all for it to work. So a SELinux denial just
> looks like a normal "access denied" to any program.
Added the following sentence:
Because SELinux is implemented within the kernel, individual
applications do not need to be especially written or modified to work
with SELinux. If SELinux blocks an action, this appears as just a normal
"access denied" type error to the application.
More information about the CentOS-docs