LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Multipath TCP: an overview

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Raising the Bar

Raising the Bar

Posted Apr 27, 2006 16:00 UTC (Thu) by Baylink (subscriber, #755)
Parent article: The AppArmor debate begins

The proponents of AppArmor claim that the approach is sound. Unlike SELinux, AppArmor does not attempt to be the ultimate security solution for all situations. Instead, it simply puts a lid on applications which might be compromised by an attacker. AppArmor raises the bar by limiting what a broken application might do; it does not attempt to regulate the interactions between every application and every object in the system. This approach is, it is claimed, enough to significantly raise the security of a system while maintaining an administrative interface which is accessible to mere mortals. And, for AppArmor's goals, a pathname-based access control mechanism is said to be good enough. It will probably be some time before we will see whether the kernel development community agrees with that claim.

My personal opinion on this is that if you create a security system that makes things only a little harder, then crackers will work a little harder.

If you're going to provide new security facilities, and you have a choice between ones which have a fairly clear path to get around, and ones which will be substantially harder to break (at, perhaps, the expense of being substantially harder to configure), you go deep. Not doing so penalizes the smart people in favor of the dumb ones -- just because I don't know how to configure SELinux doesn't mean I can't find someone who does ... but if it's not there, it doesn't matter whether I can do it myself or find help, does it?

(Log in to post comments)

Raising the Bar

Posted Apr 28, 2006 6:03 UTC (Fri) by dlang (✭ supporter ✭, #313) [Link]

nobody is suggesting that SELinux should not be available if you want it. however some people are arguing that since AppArmor isn't perfect security it shouldn't be an option for anyone to use.

Raising the Bar

Posted Apr 28, 2006 13:08 UTC (Fri) by jamesm (guest, #2273) [Link]

Just to be clear (seeing as I'm an SELinux developer and involved in the debate) -- this is not my position, rather, whether the mechanism used by AppArmor is suitable for merging with the mainline kernel.

Of course, people are free to do whatever they want with Linux, but it doesn't mean every idea belongs in the mainline kernel. There are a couple of paths to investigate to fix the problems with AppArmor, which have been discussed.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds