* Gerrit Huizenga ([email protected]) wrote:
> I get the impression from customers that SELinux is so painful to
> configure correctly that most of them disable it. In theory, LSM +
> something like AppArmour provides a much simpler security model for
> normal human beings who want some level of configuration. Also,
> the current SELinux config in RH is starting to have a measureable
> performance impact. I'm not sure this particular battle of the
> security models is quite over from a real user perspective.
SELinux usability is not the same issue as having LSM in the kernel.
So, I agree, usability can improve, but having AppArmor as external
patchkit is not helping show LSM is needed in upstream tree. It needs
to survive review and get upstream as a means to showing the use of LSM.
thanks,
-chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
