On Mon, Mar 27, 2006 at 06:14:07PM -0700, Andrew Jorgensen wrote: > There are several ways, but what you really need is AppArmor. > > Andrew > > PS: AppArmor <http://www.novell.com/products/apparmor/> is open > source, uses the same infrastructure SELinux uses, and is WAY EASIER > to use than SELinux, especially if you've never used either before. > Have a look at this FOSDEM talk before deciding which to use > <http://ftp.belnet.be/mirrors/FOSDEM/FOSDEM2006-apparmor.avi>.
BSD Secure Levels also uses the same infrastructure that AppArmor uses
(the LSM hook framework), it is way easier than AppArmor, but it is
not necessarily the best tool for the job of securing a system in
the way that an admin may require.
Personally, I would prefer the power, flexibility, and (yes)
complexity of SE Linux over many other MAC solutions out
there. AppArmor may be a good solution for many cases, but just
because it is simpler does not mean that it can do a better job of
securing a system than SE Linux can do.
Mike
.___________________________________________________________________.
Michael A. Halcrow
Security Software Engineer, IBM Linux Technology Center
GnuPG Fingerprint: 419C 5B1E 948A FA73 A54C 20F5 DB40 8531 6DCA 8769
"To prohibit sharing software is to cut the bonds of society."
- Richard Stallman
signature.asc
Description: Digital signature
/* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
