Web lists-archives.com

Re: recommends for apparmor in newest linux-image-4.13

On 2017-11-28.19:54, Christoph Hellwig wrote:
> It's just a bad idea of a security model that implements ad-hoc
> and mostly path based restrictions instead of an actually verified
> security model.  Using that by default makes it much harder to actually
> use a real MAC based security model, which not only is required for
> various security sensitive deployments but also a good idea in general.

I am not an expert, but I thought that AppArmor was also considered a
MAC implementation.

Can you provide more information on the verification of SELinux?


Attachment: signature.asc
Description: PGP signature