User: Password:
|
|
Subscribe / Log in / New account

SMACK meets the One True Security Module

SMACK meets the One True Security Module

Posted Oct 4, 2007 21:04 UTC (Thu) by nix (subscriber, #2304)
In reply to: SMACK meets the One True Security Module by jengelh
Parent article: SMACK meets the One True Security Module

AppArmor predates SELinux, and does things that SELinux can't do without
insane delays (mass-relabelling of potentially every file in a very deep
subdirectory whenever you rename it springs to mind; even crazier
mass-relabellings of everything on the disk to implement some changes of
policy, unless I miss my guess).

(Equally, AppArmor can't efficiently imitate a TE system --- but nobody's
claiming it can.)


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds