LinuxCon: Secure virtualization with sVirt

Posted Sep 24, 2009 9:28 UTC (Thu) by Cyberax (✭ supporter ✭, #52523)
Parent article: LinuxCon: Secure virtualization with sVirt

"As they learned from the Xen compromise, leaving the labeling up to administrators does not work"

Yeah, have they _seen_ the complexity of SELinux policies? It's no wonder that most administrators dare not touch SELinux. Personally, I usually just pray that it works.

On the other hand, path-based approaches like AppArmor are very easy to use. But they had not gained any traction within the security community. Probably, because it's too easy to use.

to post comments

LinuxCon: Secure virtualization with sVirt

Posted Oct 12, 2009 2:04 UTC (Mon) by vonbrand (subscriber, #4458) [Link]

On the other hand, path-based approaches like AppArmor are very easy to use. But they had not gained any traction within the security community. Probably, because it's too easy to use.

In Unix, the same object can be accessed by wildly different paths (think links) or can move around, so this won't give much security. That it is easy to use makes no difference if it is easy to bypass.

You also misrepresent the security community: A mechanism that is hard to understand and use won't be secure in practice, and they do know that very well; so they are looking for simple to use mechanisms.