Re: Opinion re an interesting article on Linux security in Linux Journal

[Martin Stricker <shugal () gmx de>]

Bill Cheswick wrote:
> One of the things I'd like to see in Linux and Windows is better
> sandboxing of user-level programs, like Outlook and the browsers.
> There have been a number of approaches proposed over the years, and
> numerous papers, but haven't seen anything useful deployed widely
> on any of these platforms.

With the introduction of the Linux Security Module into the official
Linux kernel the first step has been done. Things like SELinux
http://www.nsa.gov/selinux/ already use it to restrict user
possibilities on the kernel level. Server applications can also use LSMs
features to become more secure (sorry, no example yet).

Best regards,
Martin Stricker
-- 
Homepage: http://www.martin-stricker.de/
Linux Migration Project: http://www.linux-migration.org/
Red Hat Linux 9 for low memory: http://www.rule-project.org/
Registered Linux user #210635: http://counter.li.org/