[Wolves] Nsa using linux

Peter Cannon peter at cannon-linux.co.uk
Fri Aug 25 12:48:53 BST 2006 

On Friday 25 August 2006 12:18, Shane M. Coughlan wrote:

> SELinux and AppArmor are not the same.  AppArmor is less granular and
> focuses on simplicity for the end user.  SELinux is focused on ensuring
> that applications act in the way you want them to act.

Your splitting hairs!

They are the same its just they go about it in different ways. Simplicity is 
what everyone wants, it is the those who insist on complicated methods that 
are holding back Linux exposure to the business community.

I often wonder if people deliberately make it 'Difficult' in an attempt to 
protect their fiefdoms?

--<inserted Copy>--
>As you can imagine some companies make quite a lot of money from
>training people:
>https://www.redhat.com/training/security/courses/rhs429.html
--<End>--

And this entry from your other post backs up my argument, "Lets make it really 
hard so we can cache in"

> A key problem with SELinux is that to create policies that accomplish
> security goals can take a while.  It's pretty complex.  The project I am
> working on is trying to deal with that; we're offering a relatively
> simple way to get a default policy in place (a la AppArmor).

In no way would I ever decry your efforts for this project or anyones project 
for that matter. As usual I think what I said has been missed/misunderstood.

My personal opinion is that For the Home User it is not needed.

> Applications run without a large degree of control over their actions.
> SELinux creates policies that give clearly defined parameters for the
> application to execute and interact with the user and userspace data.

Hm, don't we have enough 'Permissions' problems without bringing another 
interference to the dinner table?

PeteC: who gets pissed off when he cant do what HE wants to do on his OWN 
machine! Oh and why should he spend hours 'Training some bloody security 
feature' when I'm already spending hours trying to get sodding applications 
to run.

-- 
Regards
Peter Cannon
"There is every excuse for not knowing
there is no excuse for not asking"

More information about the Wolves mailing list