Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview

On Fri, 28 Apr 2006, Stephen Hemminger wrote:

> SELinux on the other hand takes a real security view of the world. If
> you have ever worked with real security environment with "need to
> know", you will understand that it is hard to keep secure and requires
> too many restrictions for normal users.

It depends on the type of SELinux policy you have loaded.  The one which 
most people use, "targeted policy", is aimed at confining network facing 
services while allowing the local user level stuff to run generally 
without confinement.

- James
-- 
James Morris
<[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

References:
- Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Stephen Smalley <[email protected]>
- Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Casey Schaufler <[email protected]>
- Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Stephen Hemminger <[email protected]>

Prev by Date: RT interrupt handling
Next by Date: I hope to be kernel developer ,in i386 arch
Previous by thread: Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
Next by thread: Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]