Language Selection

English French German Italian Portuguese Spanish

SELinux vs AppArmor vs Grsecurity

Filed under
Linux
Security
HowTos

Linux kernel is the central component of Linux operating systems. It is responsible for managing the system's resources, the communication between hardware and software and security. Kernel play a critical role in supporting security at higher levels. Unfortunately, stock kernel is not secured out of box. There are some important Linux kernel patches to secure your box. They differ significantly in how they are administered and how they integrate into the system. They also allow for easy control of access between processes and objects, processes and other processes, and objects and other objects. The following pros and cons list is based upon my personal experience.

SELinux
Security-Enhanced Linux (SELinux) is a Linux feature that provides a variety of security policies for Linux kernel. It is included with CentOS / RHEL / Fedora Linux, Debian / Ubuntu, Suse, Slackware and many other distributions.

AppArmor
AppArmor (Application Armor) is another security software for Linux which maintained and released by Novell under GPL. AppArmor was created as an alternative to SELinux. AppArmor works with file paths.

grsecurity
grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It utilizes a multi-layered detection, prevention, and containment model. It is licensed under the GPL.

full story




More in Tux Machines

Linux Foundation and Linux

openSUSE Tumbleweed Users Get Git 2.11, Xfce 4.12.3, FFmpeg 3.2.1 & Mesa 13.0.2

openSUSE's Douglas DeMaio reports on the latest Open Source and GNU/Linux technologies that landed in the repositories of the openSUSE Tumbleweed rolling operating system. Read more

What Is A VPN Connection? Why To Use VPN?

We all have heard about VPN sometime. Most of us normal users of internet use it. To bypass the region based restrictions of services like Netflix or Youtube ( Yes, youtube has geo- restrictions too). In fact, VPN is actually mostly used for this purpose only. ​ Read
more

The Libreboot C201 from Minifree is really really really ridiculously open source

Open source laptops – ones not running any commercial software whatsoever – have been the holy grail for free software fans for years. Now, with the introduction of libreboot, a truly open source boot firmware, the dream is close to fruition. The $730 laptop is a bog standard piece of hardware but it contains only open source software. The OS, Debian, is completely open source and to avoid closed software the company has added an Atheros Wi-Fi dongle with open source drivers rather than use the built-in Wi-Fi chip. Read more