SELinux is a great way to limit the access rights/roles on a Linux machine. But how do you limit CPU or memory usage of a given application? Red Hat engineer Dan Walsh has a solution that he calls SELinux Sandbox which he demoed at the LinuxCon conference today.
Walsh stressed that he's not trying to replace virtualization with SELinux sandboxing, but he is trying to create an easier way to isolate and control applications.

The link for this article located at Internet News is no longer available.