On Sat, 2008-11-01 at 02:20 +0000, Ted Gould wrote:
> I'm going to top post, you'll have to deal :)
>
> I think that the three come down to what are your goals. One of the
> goals of SELinux is to make it so that it can be configured to the point
> of not having a root user. Basically so the IT guy can't read the
> president's e-mail. This is very cool if you need that level of
> security -- but I'm guessing you're not sending nuclear launch codes (or
> at least I hope not). The problem comes down to, with flexibility and
> power you definitely have enough rope to shoot yourself in the foot.
>
> I've talked with the folks implementing AppArmor in Ubuntu a lot about
> this, and one of the problems that we saw is that almost any Fedora
> HOWTO on the Internet starts with "disable SELinux." I'm not sure how
> many Fedora systems have it running and how many don't, but I'm guessing
> that a fair number don't because of this. Not good.
>
> One of the things that AppArmor does (which isn't as restrictive) is do
> more wild cards and different configurations that get evaluated at
> runtime. It is more dynamic than SELinux. This makes it easier to
> configure but also less robust in really well defined locked down
> environments.
>
> I think an interesting example of using AppArmor is the new guest
> account feature in Intrepid. We basically dynamically create an account
> and lock it down with AppArmor to make sure that the guest can't do
> anything crazy.
>
> All in all, unless you're a spy agency I would say that having someone
> configuring the computer who understands security and configuring a
> computer to be secure matters more than any of the technologies you
> choose.

----

I will say this about Fedora and SELinux... to the extent that you have users running a desktop, which I would argue is the most likely scenario for Fedora usage, SELinux is somewhat of a bother and most probably are just simply disabling it.
I run it on my Fedora desktop to keep in touch with it, as I also use it on some servers (not Fedora but either RHEL or CentOS). I would venture that something similar happens to most AppArmor roll-outs, but beyond SuSE I don't know where it appears as a standard feature (I believe that Ubuntu has it as an optional install). Like any security tool, though, both are more useful as you become familiar with them and can configure them instead of just shutting the extra layer of security off.

Craig

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
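As an added illustration of the point Ted raises about AppArmor's wildcard-based, path-matched rules, here is a small profile in the style of a guest-account lock-down. It is an example written for this page, not code from Ted's post and not Ubuntu's actual guest-session profile; the binary path /usr/local/bin/guest-shell and the /tmp/guest-* home location are assumptions made for the example.

```apparmor
# Example profile for a hypothetical /usr/local/bin/guest-shell binary
# (the path and the /tmp/guest-* home are assumptions for this example;
# this is not Ubuntu's guest-session profile).
# Would be installed as /etc/apparmor.d/usr.local.bin.guest-shell
#include <tunables/global>

/usr/local/bin/guest-shell {
  #include <abstractions/base>

  # The confined binary itself: read and mmap-executable, never writable
  /usr/local/bin/guest-shell mr,

  # '*' matches within one directory component, '**' descends into
  # subdirectories. Rules are matched against the path at access time, so
  # files the guest creates later are covered without reloading the profile.
  owner /tmp/guest-*/ rw,
  owner /tmp/guest-*/** rw,

  # Read-only system content; shared libraries need 'm' to be mapped executable
  /usr/lib/** mr,
  /usr/share/** r,
  /etc/{passwd,group,nsswitch.conf} r,

  # Programs the guest launches inherit this profile ('ix') instead of
  # running unconfined, so the confinement follows child processes
  /bin/** ix,
  /usr/bin/** ix,

  # Explicit deny rules take precedence over any allow above and are
  # logged as apparmor="DENIED" when hit
  deny /home/** rwx,
  deny /root/** rwx,
  deny /etc/shadow r,
  deny capability sys_admin,

  # No networking at all for the guest
  deny network,
}
```

The practical workflow is the one Craig alludes to (getting familiar with the tool rather than switching it off): load the profile with `apparmor_parser -r` on the profile file, put it in complain mode with `aa-complain` so violations are logged but not blocked, exercise the program, read the `apparmor="DENIED"` lines from the kernel log (`dmesg` or /var/log/syslog on Ubuntu), adjust the globs, then switch to `aa-enforce`. The SELinux counterpart to the "disable SELinux" HOWTO advice is `setenforce 0` (permissive mode, still logging to /var/log/audit/audit.log) followed by `audit2allow` to turn the logged denials into policy, which keeps the layer on instead of discarding it.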