Language Selection

English French German Italian Portuguese Spanish

AppArmor: Much Ado About Nothing

Filed under
SUSE

When Novell released its AppArmor security suite under the GPL it created quite a media buzz. But since many people believe that the open source development model leads to better code quality, projects that are derived from a proprietary code base often arouse suspicion. The goal of AppArmor is to limit security breaches to a single process and to prevent compromising the entire system.

The most important question for AppArmor is to ask in which scenarios in can provide a reasonable security improvement. The problem is, there aren't many. The main benefit is for systems where there are multiple services running, so that if your mail server is compromised your Samba shares are still secure. But such things have been implemented using UNIX permission decades ago and this hardly justifies setting up a complex security suite.

Another shortcoming is the inability to effectively limit the harm a process can do.

Full Story.

More in Tux Machines

Three nginx Vulnerabilities Closed in Ubuntu OSes

Canonical published details in a security notice regarding a few nginx vulnerabilities that have been identified in Ubuntu 15.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems. Read more

Rackspace Debuts Red Hat OpenStack For Private Clouds

Rackspace may have put OpenStack on the map, but Thursday it introduced to its private cloud portfolio another vendor's version of the open-source technology. The managed cloud company out of San Antonio is making Red Hat Enterprise Linux OpenStack Platform available to customers and partners deploying private clouds either in Rackspace data centers or on their own premises, according to Bryan Thompson, senior director of product management for Rackspace's OpenStack practice. Read more

ST Releases Free Linux IDE for 32-Bit MCUs

The 32-bit microcontroller world is starting to open up to world Linux. This week, leading ARM Cortex-M vendor STMicroelectronics (ST) released a free Linux desktop version of its development software for its line of STM32 microcontroller units (MCUs). The tools include ST’s STM32CubeMX configurator and initialization tool, as well as its System Workbench for STM32 (SW4STM32), an Eclipse-based IDE created by Ac6 Tools. SW4STM32 is supported with toolchain, forums, blogs, and technical support by the openSTM32.org development community. Read more

Today in Techrights