|| ||Alan Cox <alan-AT-lxorguk.ukuu.org.uk>|
|| ||Re: [AppArmor 00/44] AppArmor security module overview|
|| ||Thu, 28 Jun 2007 11:23:24 +0100|
|| ||David Miller <davem-AT-davemloft.net>, crispin-AT-novell.com,
seanlkml-AT-sympatico.ca, bunk-AT-stusta.de, akpm-AT-linux-foundation.org,
> > Anyone can apply the apparmour patch to their tree, they get the
> > choice that way. Nobody is currently prevented from using apparmour
> > if they want to, any such suggestion is pure rubbish.
> The exact same argument was made prior to SELinux going upstream.
Its made for every thing before it goes upstream. It shouldn't be going
uptream until it works, is reliable and does something useful. Then if it
ever makes that grade it can go and sit in -mm for a bit to shake down .
> > Frankly I think AppArmour is a joke,
> "SELinux, AppArmor, and Hilary Clinton walk into a bar ..."
SELinux orders a beer object
AppArmor order a /beer
Hilary says "You are both under 21 you can't"
SELinux orders a shandy object
AppArmor orders a /shandy
SELinux is refused because the shandy mixer opened a beer object and
shandy inherited beer typing
AppArmor gets drunk because /shandy and /beer are clearly different
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to email@example.com
More majordomo info at http://vger.kernel.org/majordomo-info.html
to post comments)