Re: [CentOS] How to prevent root from managing/disabling SELinux

2015-01-26 Thread Daniel J Walsh
On 01/23/2015 06:01 PM, Stephen Harris wrote:
At work I'm used to tools like eTrust Access Control (aka SEOS). eTrust takes away the ability to manage the eTrust config from root and puts it in the hands of security admin. So there's a good separation of duties; security admin control the

Re: [CentOS] How to prevent root from managing/disabling SELinux

2015-01-26 Thread Stephen Harris
On Mon, Jan 26, 2015 at 03:29:23PM -0500, Daniel J Walsh wrote:
You could also set the secure_ booleans
Is this in addition to or instead of removing unconfined users?
getsebool -a | grep secure_*
secure_mode -- off
secure_mode_insmod -- off
secure_mode_policyload -- off
Without removing

[CentOS] How to prevent root from managing/disabling SELinux

2015-01-23 Thread Stephen Harris
At work I'm used to tools like eTrust Access Control (aka SEOS). eTrust takes away the ability to manage the eTrust config from root and puts it in the hands of security admin. So there's a good separation of duties; security admin control the security ruleset, but are limited by the OS