Security-Enhanced Linux - Other Systems

Other Systems

SELinux represents one of several possible approaches to the problem of restricting the actions that installed software can take.

The AppArmor system generally takes a similar approach to SELinux. One important difference is that AppArmor identifies file system objects by path name instead of inode. This means that, for example, a file that is inaccessible may become accessible under AppArmor when a hard link is created to it, while SELinux would deny access through the newly created hard link. SELinux and AppArmor also differ significantly in how they are administered and how they integrate into the system.

Isolation of processes can also be accomplished by mechanisms like virtualization; the OLPC project, for example, in its first implementation sandboxed individual applications in lightweight Vservers.

Read more about this topic:  Security-Enhanced Linux

Famous quotes containing the word systems:

    Not out of those, on whom systems of education have exhausted their culture, comes the helpful giant to destroy the old or to build the new, but out of unhandselled savage nature, out of terrible Druids and Berserkirs, come at last Alfred and Shakespeare.
    Ralph Waldo Emerson (1803–1882)

    I am beginning to suspect all elaborate and special systems of education. They seem to me to be built up on the supposition that every child is a kind of idiot who must be taught to think.
    Anne Sullivan (1866–1936)