LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Linux fragmenting at last?

Linux fragmenting at last?

Posted Mar 1, 2006 10:35 UTC (Wed) by nix (subscriber, #2304)
Parent article: Linux fragmenting at last?

Well, Crispin said last night (in the pub after a thoroughly pleasant arranged-at-the-last-minute talk on AppArmor) that submission of the kernel parts to the mainline is imminent, probably 'next month' (i.e. March given that he said this very late on Feb 28 ;) ), and that packaging the userspace parts up more conventionally is also desirable.

Anyone willing to do it? (I might well do it if nobody else can find the time.)

(One other point is that AppArmor is wonderfully easy to configure. Not only are the profiles easy to edit but you hardly ever need to edit them anyway because the automatic learning tools are so flexible.)

(As an aside, SELinux and AppArmor use the *same hooks* in the kernel, the LSM hooks, and those hooks were designed with both systems in mind from the start. So this is hardly a sign of catastrophic kernel fragmentation.)

(Log in to post comments)

Linux fragmenting at last?

Posted Mar 1, 2006 10:37 UTC (Wed) by nix (subscriber, #2304) [Link]

Oh, and finally, AppArmor predated SELinux by a considerable time (I think AppArmor started out in 1999?), so if anyone is to blame for a fork it would be SELinux.

But as a fork isn't happening, no 'blame' need be assigned.

Linux fragmenting at last?

Posted Mar 1, 2006 12:26 UTC (Wed) by nsoranzo (subscriber, #34668) [Link]

Oh, and finally, AppArmor predated SELinux by a considerable time (I think AppArmor started out in 1999?), so if anyone is to blame for a fork it would be SELinux.

With the difference that SELinux was GPL from the start, while AppArmor wasn't at that time.

Linux fragmenting at last?

Posted Mar 1, 2006 20:24 UTC (Wed) by nix (subscriber, #2304) [Link]

Yes, but it would still be peculiar to point to the earlier implementation as signs of fragmentation. Non-free or not the AppArmor hackers didn't see into the future and decide to make something extra-different to that SELinux thing ;)

Linux fragmenting at last?

Posted Mar 2, 2006 7:37 UTC (Thu) by danieldk (guest, #27876) [Link]

Anyone willing to do it? (I might well do it if nobody else can find the time.)

FWIW, packages for Slackware Linux are available from: http://danieldk.org/apparmor/

Linux fragmenting at last?

Posted Mar 4, 2006 18:12 UTC (Sat) by job (guest, #670) [Link]

Interesting. What has the AppArmor developers to say about the LSM hook critique voiced by the grsec and RSBAC developers?

Linux fragmenting at last?

Posted Mar 5, 2006 15:01 UTC (Sun) by nix (subscriber, #2304) [Link]

I didn't ask, not being aware until now of the existence of said critique.

Got any pointers.

Linux fragmenting at last?

Posted Mar 10, 2006 19:40 UTC (Fri) by PaXTeam (subscriber, #24616) [Link]

http://www.grsecurity.net/lsm.php
http://www.rsbac.org/documentation/why_rsbac_does_not_use...

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds