Re: AppArmor about to be merged into the kernel?

From: Ed Greshko <Ed.Greshko@xxxxxxxxxxx>
Date: Mon, 22 Mar 2010 13:34:28 +0800

Don Quixote de la Mancha wrote:

Perhaps someone could post a brief note that compares and contrasts
SELinux with AppArmor.

I am getting ready to set up SELinux on a server, but haven't actually
started yet. My first step would be to purchase a good technical book
on SELinux, as what little experience I already have with SELinux
suggests that it is not for the faint of heart.

Would I be better off using AppArmor instead? Or could the two of
them be used in combination?

My plan is for my server to run Apache, a modest web application,
Postfix and the MailMan email list manager.

Thanks for any insight you can give me,

There are plenty of comparisons if one enters "apparmor vs selinux" in a
google search.

Then you can decide for yourself.

Some people will point out that AppArmor comes from the Novell folks and
is already integrated with openSUSE. They would also remind folks of
the collaboration between Novell and Microsoft.

So, when reading the various comparisons make sure you know which bias
may be in play.

--
This fortune is inoperative. Please try another.

Attachment: signature.asc
Description: OpenPGP digital signature

--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Follow-Ups:
- Re: AppArmor about to be merged into the kernel?
  - From: Don Quixote de la Mancha

References:
- AppArmor about to be merged into the kernel?
  - From: Marcel Rieux
- Re: AppArmor about to be merged into the kernel?
  - From: Don Quixote de la Mancha

Prev by Date: Re: AppArmor about to be merged into the kernel?
Next by Date: Suspend-to-RAM--resume: keyboard problem
Previous by thread: Re: AppArmor about to be merged into the kernel?
Next by thread: Re: AppArmor about to be merged into the kernel?
Index(es):
- Date
- Thread

Relevant Pages

Re: AppArmor or SELinux?
... time to tweak my custom AppArmor profiles to do what I want. ... from the Kernel version numbers, ... it make sense to switch from a running AppArmor system to a SELinux ... Security can never be reached by a run & go concept, ...
(Debian-User)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation, pathname matching
... nothing when it comes to the in-kernel implementation. ... For me the question is not SELinux or AppArmor, ... The issues that SEEdit is having unfortunately only confirm ...
(Linux-Kernel)
Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
... We've implemented AppArmor like configuration on top of SELinux. ... Does it label the file system as well? ... SELinux policy editor handles all files as same on such file systems. ...
(Linux-Kernel)
Re: AppArmor FAQ
... understanding both SELinux policies and AppArmor profiles is ... understanding what access should be allowed. ... AppArmor language seems like a small issue in comparison. ... end up disabling entire SELinux policies, or turning off SELinux, ...
(Linux-Kernel)
Re: AppArmor about to be merged into the kernel?
... SELinux with AppArmor. ... I am getting ready to set up SELinux on a server, ... Would I be better off using AppArmor instead? ... I wouldn't think you're losing your time with SELinux and a Red Hat product ...
(Fedora)