Language Selection

English French German Italian Portuguese Spanish

AppArmor: Much Ado About Nothing

Filed under
SUSE

When Novell released its AppArmor security suite under the GPL it created quite a media buzz. But since many people believe that the open source development model leads to better code quality, projects that are derived from a proprietary code base often arouse suspicion. The goal of AppArmor is to limit security breaches to a single process and to prevent compromising the entire system.

The most important question for AppArmor is to ask in which scenarios in can provide a reasonable security improvement. The problem is, there aren't many. The main benefit is for systems where there are multiple services running, so that if your mail server is compromised your Samba shares are still secure. But such things have been implemented using UNIX permission decades ago and this hardly justifies setting up a complex security suite.

Another shortcoming is the inability to effectively limit the harm a process can do.

Full Story.

More in Tux Machines

today's howtos

Lenovo G50 & CentOS 7.2 MATE - Fairly solid

Is there a perfect track record for any which distro? No. Do any two desktop environments ever behave the same? No. Is there anything really good and cool about the MATE offering? Yes, definitely. It's not the finest, but it's definitely quite all right. You do get very decent hardware support, adequate battery life and good performance, smartphone and media support is top notch, and your applications will all run happily. On the other hand, you will struggle with Samba and Bluetooth, and there are some odd issues here and there. I think the Gnome and Xfce offerings are better, but MATE is not to be dissed as a useless relic. Far from it, this is definitely an option you ought to consider if you're into less-than-mainstream desktops, and you happen to like CentOS. To sum it all up, another goodie in the growing arsenal of CentOS fun facts. Enjoy. Read more

digiKam 5.2.0 is published...

After a second release 5.1.0 published one month ago, the digiKam team is proud to announce the new release 5.2.0 of digiKam Software Collection. This version introduces a new bugs triage and some fixes following new feedback from end-users. This release introduce also a new red eyes tool which automatize the red-eyes effect reduction process. Faces detection is processed on whole image and a new algorithm written by a Google Summer of Code 2016 student named Omar Amin is dedicated to recognize shapes and try to found eyes with direct flash reflection on retina. Read more

Games for GNU/Linux