On Wed, 2004-04-21 at 15:48, Colin Walters wrote:
Ok. Well do you (or anyone else, Dan?) have any suggestions for the
short term? For FC2 we could just tell users to always use 'su'. The
unfortunate thing here is that Fedora users who are reading upstream
docs will get exactly the opposite information :/
In the short term, if you want to have it fall back to the Linux uid for
authentication purposes if the SELinux user identity is
SELINUX_DEFAULTUSER (defined in include/selinux/get_context_list.h),
then that is fine. Just don't use the Linux uid as the user identity
for the new context.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency