--- Joshua Brindle [EMAIL PROTECTED] wrote:
Biba and BLP are only incompatible if they are using the same label, if
each object has a confidentiality and integrity label they work fine
together
Joshua is correct here, although the original Biba observation was
that flipping BLP upside
On Tue, 17 Apr 2007, Alan Cox wrote:
I'm not sure if AppArmor can be made good security for the general case,
but it is a model that works in the limited http environment
(eg .htaccess) and is something people can play with and hack on and may
be possible to configure to be very secure.
On Wed, April 18, 2007 14:15, Joshua Brindle wrote:
Having said that, I feel a path based solution could have great
potential
if it could be used in conjunction with the object capability model,
that
I would consider a simple and practical alternative integrity model that
does not require
James Morris wrote:
On Tue, 17 Apr 2007, Alan Cox wrote:
I'm not sure if AppArmor can be made good security for the general case,
but it is a model that works in the limited http environment
(eg .htaccess) and is something people can play with and hack on and may
be possible to configure to be
James Morris wrote:
On Tue, 17 Apr 2007, Alan Cox wrote:
I'm not sure if AppArmor can be made good security for the general case,
but it is a model that works in the limited http environment
(eg .htaccess) and is something people can play with and hack on and may
be possible to configure
On Wed, 18 Apr 2007, Crispin Cowan wrote:
Please explain why labels are necessary for effective confinement. Many
systems besides AppArmor have used non-label schemes for effective
confinement: TRON, Janus, LIDS, Systrace, BSD Jail, EROS, PSOS, KeyOS,
AS400, to name just a few. This claim seems
On Wed, 18 Apr 2007, James Morris wrote:
On Tue, 17 Apr 2007, Alan Cox wrote:
I'm not sure if AppArmor can be made good security for the general case,
but it is a model that works in the limited http environment
(eg .htaccess) and is something people can play with and hack on and may
be
On Wed, 18 Apr 2007, Crispin Cowan wrote:
James Morris wrote:
On Tue, 17 Apr 2007, Alan Cox wrote:
I'm not sure if AppArmor can be made good security for the general case,
but it is a model that works in the limited http environment
(eg .htaccess) and is something people can play