Dailydave mailing list archives
Re: No more Novell AppArmor?
From: "J.M. Seitz" <lists () bughunter ca>
Date: Sun, 14 Oct 2007 21:19:22 -0700
Oh lord, don't even get me started with the AppArmor/SELinux craziness. I can't remember if it was InfoSec magazine, but Crispin and some other dude went head to head on SELinux vs. AppArmor. By the end of the article it was clear that neither are really useful, they are impossible to configure correctly (something like 700+ policy lines for SELinux and httpd) and in most cases are shut off. I know it's policy where I come from to do a "setenforce 0" the minute we bring up a new machine :) JS
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- No more Novell AppArmor? Dave Aitel (Oct 13)
- Re: No more Novell AppArmor? Andre Gironda (Oct 14)
- Re: No more Novell AppArmor? J.M. Seitz (Oct 15)
- Re: No more Novell AppArmor? Kees Cook (Oct 15)
- <Possible follow-ups>
- Re: No more Novell AppArmor? Rodrigo Rubira Branco (BSDaemon) (Oct 14)
- Re: No more Novell AppArmor? Andre Gironda (Oct 20)
- Re: No more Novell AppArmor? Kristian Erik Hermansen (Oct 15)