Linux fragmenting at last?
Posted Mar 1, 2006 1:15 UTC (Wed) by erich
Parent article: Linux fragmenting at last?
It's way too early to talk about fragmentation yet.
Noone has proven that these things can't just coexist. That one Distribution could support both SELinux and AppArmor, for example.
or that AIGLX can't run on top of Xgl.
These are just different approaches to solve outstanding issues (higher security, better graphics, ...)
The real issues I see here, is that these projects are often developed behind closed doors. There were many people complaining about the way Novell has handled the Xgl development, for example.
I've just these days blogged about AppArmor and SELinux:
And while this reads very harsh against SELinux, I'm still trying to bring good SELinux support to Debian.
But here, too, development is done largely behind closed doors at e.g. Tresys, which is just very unhealthy.
And despite it's maturity, SELinux is (likely due to all the new stuff added, like semanage) currently in a really bad shape for users.
Of course the people at Tresys and RedHat will flame me again for saying so. But Novell could hardly have picked a better time for attacking SELinux with AppArmor, and I for example know of noone running current modular SELinux successfully except on Fedora/RHEL (the redhat people) or Gentoo (the tresys people). All the other distributions have largely lost their SELinux support (well, the core stuff like init usually is SELinux-enabled, but there is absolutely no documentation available, and thus very few people even trying to get it up and running. And even fewer are successful at it.)
Let's hope Novell doesn't manage to exploit this current weakness of SELinux with AppArmor, which is said to have serious technical limitations (aka: "it's mostly useless")
to post comments)