You clearly have not tried SELinux and AppArmor before. If you had, you would know that SELinux takes time and effort to get used to, to fully exploit its potential. (And its pretty damn good, once you figure it out).
Its often too tedious for most people to use, and they often turn it off. (I think Fedora Core has it built-in by default...But most people see it as an annoyance, so its disabled).
Novell has taken the more user-friendly approach in configuring things with their approach, called Apparmor. Granted, its not like SELinux in features and capability, but it doesn't require you to spend too much time on it.(The basic idea is similar to SELinux, but SELinux offers alot more at additional complexity).
I reckon Novell will be successful in this task. They'll need to offer features that will rival SELinux first, before they go all out in making configuration easier.
But judging by the pace they've achieved with SUSE Linux, I wouldn't be surprised if this were the next thing that will be liked by users.
Its often too tedious for most people to use, and they often turn it off. (I think Fedora Core has it built-in by default...But most people see it as an annoyance, so its disabled).
Novell has taken the more user-friendly approach in configuring things with their approach, called Apparmor. Granted, its not like SELinux in features and capability, but it doesn't require you to spend too much time on it.(The basic idea is similar to SELinux, but SELinux offers alot more at additional complexity).
I reckon Novell will be successful in this task. They'll need to offer features that will rival SELinux first, before they go all out in making configuration easier.
But judging by the pace they've achieved with SUSE Linux, I wouldn't be surprised if this were the next thing that will be liked by users.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/284/1310#1310