Linux security non-modules and AppArmor
Posted Jun 28, 2007 13:14 UTC (Thu) by grandinj
In reply to: Linux security non-modules and AppArmor
Parent article: Linux security non-modules and AppArmor
That may well be so.
But if you're implementing a security scheme that aims to be "good enough", why would you drag in a project where
(a) your intentions are continually derided i.e. you are treated as a second-class citizen
(b) adds a HUGE chunk of extra complexity to a security project i.e. a project in which you really want to know how all the bits work.
The pathname thing appears to work. __You__ may not like it, but the thing is, it works - maybe not perfectly, and there sure are cases where it can be tripped up, but it does pretty well.
Remember, perfect is the enemy of good.
to post comments)