Language Selection

English French German Italian Portuguese Spanish

SELinux vs AppArmor vs Grsecurity

Filed under
Linux
Security
HowTos

Linux kernel is the central component of Linux operating systems. It is responsible for managing the system's resources, the communication between hardware and software and security. Kernel play a critical role in supporting security at higher levels. Unfortunately, stock kernel is not secured out of box. There are some important Linux kernel patches to secure your box. They differ significantly in how they are administered and how they integrate into the system. They also allow for easy control of access between processes and objects, processes and other processes, and objects and other objects. The following pros and cons list is based upon my personal experience.

SELinux
Security-Enhanced Linux (SELinux) is a Linux feature that provides a variety of security policies for Linux kernel. It is included with CentOS / RHEL / Fedora Linux, Debian / Ubuntu, Suse, Slackware and many other distributions.

AppArmor
AppArmor (Application Armor) is another security software for Linux which maintained and released by Novell under GPL. AppArmor was created as an alternative to SELinux. AppArmor works with file paths.

grsecurity
grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It utilizes a multi-layered detection, prevention, and containment model. It is licensed under the GPL.

full story




More in Tux Machines

Gnome: Release code names

Hi all, I'm working on the release notes for 3.18, and I will also be working on release promotion. During GUADEC, the board and Release Team agreed to name September release after the GUADEC host city, and each March release after the GNOME.Asia host city. Read more

systemd 225 Adds 'su' Replacement, Saving of Private-Zone DHCP Options

The systemd development team, through David Herrmann, had the pleasure of announcing the release and immediate availability for download of the systemd 225 open-source, next-generation init system for GNU/Linux distributions. Read more

Interviews with FLOSS developers: Elena Grandi

One of fresh additions to Debian family, and thus wider FLOSS family is Elena Grandi. She is from realms of Valhalla and is setting her footprint into the community. A hacker mindset, a Free software lover and a 3D printing maker. Elena has big dedication to make the world free and better place for all. She tries to push limits on personal level with much care and love, and FLOSS community will benefit from her work and way of life in future. So what has the Viking lady to say about FLOSS? Meet Elena "of Valhalla" Grandi. Read more

Jide Remix Mini Android PC to ship in October

Google Android is an operating system that was originally designed for smartphones, but these days it also supports tablets, TVs, smartwatches, and more. It’s not really designed to replace a desktop operating system like Windows or Ubuntu, but there have been a number of attempts to modify the open source Android operating system to make it feel more like a desktop OS. This year Chinese startup Jide launched Remix OS, which a version of Android with a taskbar, support for multi-window apps, and other desktop-style features. Read more