Németh Tamás wrote:
Yes, it seems to me, that Fedora is more security-oriented than the SuSE family, but SuSE is close. Beside this, the criticized AppArmor may be a better choise for simple minded IT administrators (like me) than SELinux.
That's one way to put it. Another way to put it is that there are only 2 kinds of Fedora users: * those that run the system as configured out of the box, no changes, no new applications * those that have disabled SELinux AppArmor is for more than simple minded IT administrators like you :-) it is for administrators who don't have time to be a full-time SELinux admin, because they have something else to do. You can tell, because SuSE Linux Enterprise support includes support for AppArmor, while RHEL support just tells you to turn SELinux off if it troubles you. To get help creating or modifying a security policy, RH wants you to buy a consulting agreement. We expect users to be able to use AppArmor, and RH apparently does not share the same confidence in SELinux. I argue that openSUSE machines with AppArmor enabled are considerably more secure than Fedora machines with SELinux disabled. Crispin -- Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/ Director of Software Engineering http://novell.com Security: It's not linear --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org