On Thu, 07 May 2009 22:21:59 -0500, Rajko M. wrote:

> On Thursday 07 May 2009 09:20:05 pm Jim Henderson wrote:
>> So perhaps a good "solution" would be further enhancement and simplification of the AppArmor administrative interfaces with an eye towards making those interfaces usable for people who don't spend their lives in front of a computer. :-)
>
> Exactly that.
>
> I suppressed temptation to start commenting on AppArmor configuration module that is behind ZA approach. Once again, to see how it works, and evaluate it one has to use paid for version. The free one is not much more than firewall.

Very true, and personally, I haven't looked at the paid version - the free version did enough for me.

Interestingly, I received a couple of replies off-list (perhaps the sender meant to send them on the list but didn't) suggesting that using Wireshark was trivially simple and anyone should be able to learn to use it. The individual also suggested that programs that don't do a setup as a post-installation script when the RPM is installed are developed wrong.

It seemed odd to me that (a) the idea of using a more complex piece of software like Wireshark - which requires root privileges to do capturing - rather than a popup that says "Application FooBar wants to talk to the Internet, allow it?" was a good thing. I suppose because making a system easy to use is evil. <shrug>

I've worked with networked computers for some 20 years and have done LAN analysis with programs and products that pretty much run the gamut, and I certainly think Wireshark is the best of the best out there. But at the same time, it has taken years of working with tools like that to know without extensive research whether:

    Transmission Control Protocol, Src Port: 790 (790), Dst Port: shilp (2049), Seq: 141, Ack: 20613, Len: 0

is something I should expect or not on my network. To ask that every person who uses a computer be trained to perform network analysis of their applications "if they're really interested in security" is frankly nonsense.

(b) That rather than put technological measures in place to quarantine programs that are poorly developed, it is better to say "don't use programs that are poorly developed" and then blame the user when one of those programs does something unexpected or behaves badly. To me that seems like a really bad idea.

Jim

--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits