On Sunday 15 November 2009 16:40:48 Nikos Chantziaras wrote: > On 11/15/2009 11:22 AM, Dirk Heinrichs wrote: > > SELinux allows to spread the tasks root needs to do or can do accross > > several roles. Of course, if only one single person has root access to > > the system this doesn't make sense. But we're talking about cases where > > several people (incl. the malicious attacker) have root access. So you > > can very well configure a (SE-)Linux system so that "root" can't do > > everything. > > So how do you get your machine back if you forbid yourself to change its > configuration then?
reboot|power down|pull power plug out|whatever and edit kernel config line to not laod selinux -- alan dot mckinnon at gmail dot com
