Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ISN] Security wars: Novell SELinux killer rattles Red Hat

from [InfoSec News] Network Security [Permanent Link]
Subject: Re: [ISN] Security wars: Novell SELinux killer rattles Red Hat
Date: Tue, 28 Feb 2006 02:03:42 -0600 (CST) 
Forwarded from: Kurt Seifried <listuser@seifried.org>

This article is somewhat... retarded.

AppArmour (formerly called SubDomain) is easier to configure and
manage in some respects, the rulesets are easier to read.

"By introducing a second MAC application into the open-source
landscape, Novell is splintering the development community, Walsh
charged. Only a limited number of developers have the expertise to
work on such an application, and the effort Novell itself will put
into AppArmor could have been applied to improving the user interface
of SELinux."

However like AppArmour there are front ends for SELinux, such as
Tresys' "Setools". Additionally you can manage the rules manually
(it's just text files, granted a bit on the huge and complicated side
but nothing impossible). The Tresys tool for example includes the
capability to let you run SELinux in permissive warning mode (so it'll
allow but log violations), you can then parse the audit file to build
a profile. You can also do this manually using grep and other common
command line tools to build a ruleset.

To compare SELinux/AppArmour to the UNIX wars is.. odd. You can run
either one, and you can convert policies back and forth (guess what,
they basically specify the same bits of information in the end). It
wouldn't be impossible (in fact it would be relatively easy) for an
application vendor to ship both an AppArmour and SELinux profile with
their software, minimizing any problems for end users.

As for Red Hat complaining about Novell trying to split the market,
that's one of the sillier things I've ever read. Isn't one of the
benefits of OpenSource that we have access to the code and minimal
vendor lock in, i.e.  a choice of the best solution for me? It's
somewhat disturbing to me to see such comments coming out of Red Hat.

Personally I would love it if Red Hat shipped both SELinux and
AppArmour, I have had to disable SELinux on several machines
specifically because Red Hat's policies for the Apache HTTP web server
are too restrictive, and manually fixing the SELinux policies is more
trouble right now then it's worth (it's on my todo list... someday).
AppArmour would allow me to quickly allow the extra things required by
the application.

-Kurt



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ISN] Ernst & Young loses four more laptops, InfoSec News
Next by Date:  [ISN] Security pros must improve, says new body, InfoSec News
Previous by Thread:  [ISN] Security wars: Novell SELinux killer rattles Red Hat, InfoSec News
Next by Thread:  [ISN] CID Agent Combats Identity Theft With DVD, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]