vote
 |
|
A little help in setting up SELinux...
The traditional permissions model consists of users and groups and Unix file permissions. Using this model, you can restrict which users and groups of users can read, write, and execute files. SELinux provides a richer set of permissions with users, roles, and types.
For example, under a traditional permissions model, you must give root (superuser) access to processes that wish to listen on privileged (less than 1024) ports. Once these processes have that access, they can perform any of the actions that the root user can perform. Under a SELinux model, you can grant the specific server permission to open its specific port and nothing else.
| | |
| |
|
|
