Clinton Gormley wrote:
On Sun, 2006-04-09 at 13:45 -0400, Jonathan Vanasco wrote:

On Apr 9, 2006, at 5:02 AM, Kevin A. McGrail wrote:

I'm under the impression that this is the same as SELinux
SELinux is at the kernel level + a few libraries, and from what i
read appArmor is just a library

No, appArmor plugs into the kernel via LSM (Linux Security Modules),
which SELinux uses as well. It is really impressive. Have a look at this
demo (272 meg of video!)

It is easy to configure, adds little overhead, and allows you to build
security profiles on the fly. Also, it adopts the
deny-all/allow-required approach, rather then allow-all,

Also, (and I forgot the details) but I'm pretty sure it allows you to
separate permissions for different perl scripts running under mod-perl.
according to the presenter -- it does.

Stas Bekman mailto:stas@stason.org http://stason.org/
MailChannels: Assured Messaging(TM) http://mailchannels.com/
The "Practical mod_perl" book http://modperlbook.org/
http://perl.apache.org/ http://perl.org/ http://logilune.com/

Search Discussions

Discussion Posts


Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 5 of 5 | next ›
Discussion Overview
groupmodperl @
categoriesmodperl, perl
postedApr 8, '06 at 12:09a
activeApr 11, '06 at 1:35a



site design / logo © 2018 Grokbase