Security in the 20-teens - Default security policies
Posted Feb 2, 2010 14:18 UTC (Tue) by eparis123
In reply to: Security in the 20-teens
Parent article: Security in the 20-teens
Every time you try to create such 'obvious' rules you will break
something for someone.
I completely agree.
From around a month, I was very late on a college
project that involved loading binary files to a MySQL database. Using
ubuntu, the queries always filled NULL in the binary files
columns, without any visible error messages.
After around 40 minutes of Googling, I found that the reason was an
AppArmor policy enabled by default in Ubuntu. I even found it on the very
last comment of a MySQL bugzilla entry.
Needless to say, I was very frustrated I consumed all that time on this
trivial matter, while having very limited time till the deadline. I guess
this is a pet example for users frustration with security; Casey Schaufler
(author of SMACK) had a great quote about this in one of the previous
weekly editions kernel quotes page.
to post comments)