On Sunday 27 May 2007 10:49, Németh Tamás <[EMAIL PROTECTED]> wrote: > Does Debin Etch have some extra chroot > restrictions, /dev/mem, /dev/kmem, /dev/port, /proc/<PID>/stat, > /proc/<PID>maps, Linux privileged I/O related or other security > enhancements beyond to the security of the vanilla Linux kernel?
The SE Linux support in Etch will address some of your requirements in this regard. SE Linux is not based on chroot but on the "domain" of the program in question. So a program can be run without chroot but still have great restrictions applied to it. -- [EMAIL PROTECTED] http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
