Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: Enable SELinux via boot parameter
From: Stephen Smalley <sds_at_epoch.ncsc.mil>
Date: 03 Sep 2003 08:29:41 -0400
It is already the case that you need to specify 'enforcing=1' to boot an enforcing kernel if you enabled development support. How many people disable development support? And if you do disable development support, do you also keep around a second kernel that you can boot for emergency recovery? In that case, what is the difference? You are still are relying on your lilo/grub password to limit the ability to boot the non-SELinux kernel. -- Stephen Smalley <sds@epoch.ncsc.mil> National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Wed 3 Sep 2003 - 08:30:01 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |