Novell releases AppArmor
Posted Jan 13, 2006 21:05 UTC (Fri) by nix
In reply to: Novell releases AppArmor
Parent article: Novell releases AppArmor
Well, yes, except that in SELinux all security policies are applied to types (which are a labelling scheme of sorts, therefore). This means that you end up needing a *lot* of types and a massive tangle of relationships between files, types, and security policies...
... I can see that it's more flexible than AppArmor, but ye gods is it also more complex, and TBH most of us just don't need that complexity.
to post comments)