SELinux Qemu Sandboxing Effectiveness

asked 2017-03-26 12:25:23 -0600

indolering gravatar image

I recently installed Firejail, however, it causes frequent breakages because the rule-sets lag behind system updates. I'm having a lot of trouble with Qemu in particular and wanted to know how tightly SELinux locks Qemu down. Am I wasting my time or do the Firejail rulesets (launcher, system) provide more protection?

Or, to put it another way, what restrictions does Fedora's SELinux profile apply to Qemu?

edit retag flag offensive close merge delete