Hello!
On 2/4/06, Crispin Cowan
HG wrote:
Perhaps a different thing, but I just heard from another source that I should look at SELinux... is that included with Pro 9.2 or the latter? And does that somehow relate to file access auditing?
9.2 had some bits and pieces of SELinux in it, but never really fully supported it.
Ok, then I think I won't even try it now as I antissipate move the 10.X.
With 10.0 onward, we have completely removed SELinux, and replaced it
No wonder I didn't find anything about from my home computer...
AppArmor and SELinux are access control systems, which are kinda related to audit systems, but not exactly the same:
I know.
So whether to blend an access control system with an audit system is something of an architectural question we are still working on.
I hope you can find something on that - many corporate security policies require file auditing and currently it seems that linux doesn't provide tools for this.
AppArmor is included in SL10.0, SL10.1, and SLES9SP3. I'm less sure of where the audit systems are included, but I would suspect all of them.
I tried AppArmour briefly on SUSE 10.0, but I really didn't get much out of it. I thought that it was somehow cripled... How about the future (of AppArmour and auditing) on the OSS version? Or even the freely available SUSE (what used to be the Professional)? -- HG.