-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-07-09 at 18:57 -0000, Jim Henderson wrote:
On Wed, 09 Jul 2008 11:41:52 -0700, J Sloan wrote:
Why do you say it serves no useful purpose?
Because just like Antivirus on Linux, the only thing that AppArmor is doing is preventing a user-initiated program from making changes to the system; changes that wouldn't happen if the user were being smart.
No, it prevents a program initiated by the system, a program serving some service, from accessing things it was not designed to access. And it doesn't mean the user did something wrong: it may be that a cracker found a hole and violated apache. Even if an on-access-scanner scanned the apache binary chances are it wouldn't find anything wrong... because linux binaries are very diverse. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIdRlYtTMYHG2NR9URAkmVAJ4iDd8N7EvOrjO7YggKgVYw03feegCgiJ6I 0KrlfAE16zxcHu7y7DKxJvs= =ky6X -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org