|
|
|
|
|
|
by XorNot
2036 days ago
|
|
|
You can disable the unconfined_u user though, it's just stricter then the normal "targeted" policy which is common today. What I'm saying is we don't need a new technology here, we actually have the technology we just need to deploy it properly. SELinux provides all the tools we need to implement the guarantees, just Linux distros don't currently have a stance on how they want to expose such a policy option. |
|
|