FAQ

Clinton Gormley wrote:
On Sun, 2006-04-09 at 13:45 -0400, Jonathan Vanasco wrote:

On Apr 9, 2006, at 5:02 AM, Kevin A. McGrail wrote:

I'm under the impression that this is the same as SELinux
(http://www.nsa.gov/selinux/info/faq.cfm)
SELinux is at the kernel level + a few libraries, and from what i
read appArmor is just a library

No, appArmor plugs into the kernel via LSM (Linux Security Modules),
which SELinux uses as well. It is really impressive. Have a look at this
demo (272 meg of video!)
ftp://ftp.belnet.be/pub/mirror/FOSDEM/FOSDEM2006-apparmor.avi

It is easy to configure, adds little overhead, and allows you to build
security profiles on the fly. Also, it adopts the
deny-all/allow-required approach, rather then allow-all,
deny-this-that-and-the-other-thing.

Also, (and I forgot the details) but I'm pretty sure it allows you to
separate permissions for different perl scripts running under mod-perl.
according to the presenter -- it does.


--
_____________________________________________________________
Stas Bekman mailto:stas@stason.org http://stason.org/
MailChannels: Assured Messaging(TM) http://mailchannels.com/
The "Practical mod_perl" book http://modperlbook.org/
http://perl.apache.org/ http://perl.org/ http://logilune.com/

Search Discussions

Discussion Posts

Previous

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 5 of 5 | next ›
Discussion Overview
groupmodperl @
categoriesmodperl, perl
postedApr 8, '06 at 12:09a
activeApr 11, '06 at 1:35a
posts5
users4
websiteperl.apache.org

People

Translate

site design / logo © 2017 Grokbase