[Bug 1940] Selinux based sandbox

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Oct 23 00:15:07 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=1940

Jakub Jelen <jjelen at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jjelen at redhat.com

--- Comment #18 from Jakub Jelen <jjelen at redhat.com> ---
(In reply to Damien Miller from comment #17)
> I'm not sure we want this - everyone is picking up seccomp-bpf on
> Linux, so supporting (in perpetuity) another sandbox that will only
> become less used over time doesn't seem like a good idea.

Yes, you are right. At this time, there is no need to use SELinux
sandbox, when seccomp adds better security and works almost everywhere.
We don't use it either so I there is no reason for this bug to rot
here. You can close it with appropriate flags.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list