[Wolves] Two Things

[Shane M. Coughlan]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Kevanf1 wrote:
> There's a very interesting blow by blow account of the good and bad
> points of both SELinux and Apparmor in the latest issue of Linux
> Magazine.  There are reps from both SuSE Novell and Red Hat.

I just read a PDF of that a minute ago:
http://www.linux-magazine.com/issue/69/AppArmor_vs_SELinux.pdf

Also, another comment (from RH perspective):
http://danwalsh.livejournal.com/424.html

- From my perspective - while ultimately sees me considering this as a
system that could fit into net-centric warfare - I don't think AppArmor
is a solution.  It might work for a server but it's not going to work on
a massive deployment of various units with various objectives and action
methodologies.

This being said, AppArmor might well be the right solution for many
people.  Like Dan Walsh I am worried about community fragmentation.
We're making SELinux easier to use, but it takes time to mature.
Short-cuts to simplicity - with a different underlying security
implementation model - might lead to development fragmentation and lack
of proper security support from applications.

Shane

- --
Shane Martin Coughlan
e: shane at opendawn.com
m: +447773180107 (UK) +353862262570 (Ire)
w: www.opendawn.com
- ---
OpenPGP: http://www.opendawn.com/shane/publickey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iQCVAwUBRLOiVNwG3M95JPpzAQg+gwP/do6mXrn+iikC7bevg1nA7Pn/P/zEqr6E
V/+08x3ppY/9GMXeqSqPLnKZZoPH3vHqpjq8VXnBj5W+/RbwsdDz2g7AZ7iyQxtC
prHMvLTXeZN5R1wDNnWTn35KrTh/1Odwi4eD0dg2wUD47L0XPvGpD2Ei2A7dBXB5
1Ilc9MsyMlo=
=dDus
-----END PGP SIGNATURE-----