Loading...

    How come MCS Confinement is not working in SELinux even in enforcing mode?

    Date22 Sep 2015
    CategorySELinux
    1717
    Posted ByAnthony Pell

    MCS separation is a key feature in sVirt technology. We currently use it for separation of our Virtual machines using libvirt to launch vms with different MCS labels. SELinux sandbox relies on it to separate out its sandboxes. OpenShift relies on this technology for separating users, and now docker uses it to separate containers.

    When I discover a hammer, everything looks like a nail.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Which email threat are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    22
    radio
    [{"id":"81","title":"Ransomware","votes":"3","type":"x","order":"1","pct":75,"resources":[]},{"id":"82","title":"Business email compromise ","votes":"1","type":"x","order":"2","pct":25,"resources":[]},{"id":"83","title":"Spam email","votes":"0","type":"x","order":"3","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.