Re: [Vserver] secure a guest against the host's root-account:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

Re: [Vserver] secure a guest against the host's root-account

From: Oliver Welter <mail_at_oliwel.de>
Date: Mon 24 Apr 2006 - 14:44:09 BST
Message-Id: <444CD629.6080003@oliwel.de>

Hi Mike, Serge,

>>> So, is there any way to do this ? I guess that SELinux/GR will offer
>>> some pointers to forbid root these actions, but are there any "easier"
>>> ways ??
>>>
>> Sounds like SELinux is the tool of choice for that.
>
> And if your concern is with the host's admins, not with exploited root
> apps on the host server, then selinux still won't help you.

Partially....my second question here on the list regarding TPM support
would be a great possibility to ensure and certifiy a certain state of
the Root-Server.

But to keep on track - are they any good howtos for SELinux/vserver

Oliver 

-- 
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat: http://www.ldv.ei.tum.de/page72

_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Received on Tue Apr 25 17:01:45 2006
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 25 Apr 2006 - 17:01:48 BST by hypermail 2.1.8