On 11/29/2013 9:00 AM, Claudio Freire wrote:
On Fri, Nov 29, 2013 at 3:20 AM, L.A. Walsh
wrote: On 11/28/2013 1:13 PM, Claudio Freire wrote:
Standard or not, it's the kind of security mechanism that takes so much effort and knowledge to properly set up, that it HAS to be set up by the distribution, and by default, to be of any value.
Then why are firewalls 3rd party applications? They can be just as hard to configure.
They're not. Linux firewalls live in the kernel, and default linux installs (especially openSUSE) have included properly configured firewalls for years. Maybe you're thinking windows.
Sorry, firewall != packet routing. The kernel has packet routing. It's not until it is configured to selectively reject or drop packets that it becomes a firewall. Maybe you are forgetting, for example, shorewall? There've been others before that.
Well, firing up yast and turning it off isn't rocket science, but sure, an option somewhere on the advanced install procedure couldn't hurt.
How would they know it is on or where to go to turn it off if they were new to OpenSuse?
So are you saying, or do you believe that if you don't force the security policy on users, it won't be of any value?
Pretty much.
Um again, difference between installing it on, or installing pre- configured & off.
Ie: regular users, and that includes many developers, anyone not specialized in linux security in fact, don't really know how to configure something like AppArmor or SELinux, and if they know, they don't want to have to spend the time to do it on every installation.
Well, firing up yast and turning it ON isn't rocket science...
For the ones that do not know, having it on by default is a necessity, since they won't even think of turning it on. And those are probably over 90% of the target audience.
For the ones that do not know opensuse has a non-default security, they won't even know what to turn off, let alone where.
And in this field (security), statistics matter. Securing 1% of the target audience is worth nothing, well, unless that 1% happens to work on a nuclear reactor or something critical like that. But having a good chunk of the install base vulnerable just encourages botnet proliferation, and that's a problem for us all.
Documentation? Botnets have not been a problem on Linux -- especially those configured with firewalls. Maybe you are thinking Windows? ;-)
SELinux is built-in by default. If they want SELinux, has it been tested with AppArmor?
SELinux and AppArmor were developed in parallel IIRC, ie: they're two technologies with the same aim.
I don't think they're exclusive technically speaking (ie: with a lot of love they could be made to work together), but I do believe they're not intended to coexist.
There's also the Biba+Bell La-Padula security models embodied in Smack. It has had the benefit of being a tried and true method for DOD machines since the 80's.
I wouldn't use them as role models. Nor the others you mention.
Does apparmor support chksum based rules, or path only?
As for it possibly only protecting niche users -- maybe only niche users need that level of protection -- vs. the accompanying problems of programs not working.
Most common error of those that don't know about security.
The most common error of those who think they know about security is that they know about how to help everyone else.
Security isn't an individual thing.
First thing many product vendors could get right is to not assume they know what is best for all users. Only notable problem I had with a mixed linux/Windows environment, was the linux sendmail being misconfigured upon upgrade to stop enforcing my access list. It was caught before much damage happened, but apparmor wouldn't have helped because it was right after an upgrade and no baseline for the new apps had been set, so any new rules that were needed would likely have been missed in setup-related approvals.
Generally, you don't let other people log onto your computer. If they have gotten that far, that's bad. AppArmor, is more for internal threats initiated from the computer on parts of itself.
Nope, AppArmor is for damage contention. WHEN some of your apps' security gets breached, AppArmor stops it from spreading harm.
--- If one app, inside your perimeter loses protection, isn't it stopping the spreading by putting up a wall between apps on the same computer? -- i.e. what is now an internal threat initiated internally (from the compromised app) upon other parts of your computer or network?
That type of security policy might be more useful in protecting computers FROM the USERS... Turning it on by default, certainly indicates an unwillingness to even give users a choice of what security mechanisms they want on their computer.
FUD
--- So making things clear and apparent to users is FUD, while doing things without their consent is fine? You got FUD backwards. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org