Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] grsecurity



On 5/1/2012 2:46 PM, Tom Metro wrote:
> How is RBAC different from SELinux or AppArmor? (And why didn't they
> incorporate one of those?)

I don't know but I can guess.  It's chroot jails.  Locking down chroots 
is a standard feature of Grsecurity.  Neither SELinux nor AppArmor are 
aware of chroot contexts.  You can nest SELinux and chroot jails but you 
need to be diligent in auditing your security labels lest a misplaced 
label leave a gaping hole in your jail.

-- 
Rich P.



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org