AppArmor set to be merged for 2.6.36
AppArmor set to be merged for 2.6.36
Posted Jul 31, 2010 7:59 UTC (Sat) by jengelh (guest, #33263)In reply to: AppArmor set to be merged for 2.6.36 by haradats
Parent article: AppArmor set to be merged for 2.6.36
Posted Jul 31, 2010 13:05 UTC (Sat)
by haradats (guest, #44782)
[Link] (2 responses)
I once tried to make a MAC comparison chart for the newcomers and wrote the following chart.
http://tomoyo.sourceforge.jp/wiki-e/?WhatIs#comparison
My personal opinion on the major difference between AppArmor and TOMOYO are AppArmor works on selected programs ("profile") while TOMOYO treat the whole system as sets of process invocation history ("domain").
There will be a Linux security summit as a part of LinuxCon 2010 and MAC developers meet together. ;-) If possible, I will ask their opinions. (It will be great if you can join!)
https://security.wiki.kernel.org/index.php/LinuxSecurityS...
Posted Jul 31, 2010 14:01 UTC (Sat)
by jengelh (guest, #33263)
[Link] (1 responses)
To still appear at LC-NA would require external contribution. But I am in for LC-J.
Posted Jul 31, 2010 22:44 UTC (Sat)
by haradats (guest, #44782)
[Link]
http://vger.kernel.org/vger-lists.html#linux-security-module
The merging process is not easy. It took two years for TOMOYO and four years for AppArmor since their first *postings*, which means they have been rejected for those periods.
http://www.slideshare.net/haradats/time-to-glean-mac-for-...
Merging cannot happen by mistakes, so why don't we celebrate AppArmor's new start for the momemnt? :-)
AppArmor set to be merged for 2.6.36
(Some of the items need updates. Most importantly "security goals" for both AppArmor and TOMOYO are obsolete.)
AppArmor set to be merged for 2.6.36
AppArmor set to be merged for 2.6.36