On Wednesday 09 July 2008 20:57:29 Jim Henderson wrote:
Because just like Antivirus on Linux, the only thing that AppArmor is doing is preventing a user-initiated program from making changes to the system; changes that wouldn't happen if the user were being smart.
AppArmor primarily exists to protect servers. It has nothing whatever in common with anti-virus programs. Servers generally don't need user input to do something, they wouldn't scale very well if they did - this is why they need extra protection. If apache required the sysadmin to confirm each and every GET or POST, then we would never have any issue with defacements, and apparmor would not be needed, you are correct Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org