Re: [patch 0/4] MAP_NOZERO v2 - VM_NOZERO/MAP_NOZERO early summer madness

From: Ulrich Drepper
Date: Mon Jul 02 2007 - 15:06:57 EST


On 7/2/07, Rik van Riel <riel@xxxxxxxxxx> wrote:
That should not happen. The default SELinux configuration
in Fedora (and Debian?) runs a few daemons in their own
restricted modes and has most of the system running in
unconfined_t, including the majority of user programs.

This is the state as of F7. This will change hopefully soon.
Programs like firefox run by normal users must be confined, to. Any
tests using security must be fast, it's not something which is done
only for a few apps.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/