SELinux and SGID
Daniel J Walsh
dwalsh at redhat.com
Mon Mar 4 16:47:46 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/02/2013 04:29 AM, Douglas Brown wrote:
The way we classify secadm is to control SELinux controls and leave sysadm to
control DAC Levels.
secadm can change booleans turn enforcing on and off and execute semanage
commands. We leave everything else to sysadm.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlE00DIACgkQrlYvE4MpobPb4ACfdFWLMNyGiXcEmRJmJEQ2/mte
h9AAn2wrc+z4ncINo9lCZ0wM+QD+3JYO
=iNoO
-----END PGP SIGNATURE-----
More information about the selinux
mailing list