[Dailydave] No more Novell AppArmor?
J.M. Seitz
lists at bughunter.ca
Mon Oct 15 00:19:22 EDT 2007
Oh lord, don't even get me started with the AppArmor/SELinux craziness. I
can't remember if it was InfoSec magazine, but Crispin and some other dude
went head to head on SELinux vs. AppArmor. By the end of the article it was
clear that neither are really useful, they are impossible to configure
correctly (something like 700+ policy lines for SELinux and httpd) and in
most cases are shut off. I know it's policy where I come from to do a
"setenforce 0" the minute we bring up a new machine :)
JS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.immunitysec.com/pipermail/dailydave/attachments/20071014/14b10916/attachment.htm
More information about the Dailydave
mailing list