Other Systems
SELinux represents one of several possible approaches to the problem of restricting the actions that installed software can take.
The AppArmor system generally takes a similar approach to SELinux. One important difference is that AppArmor identifies file system objects by path name instead of inode. This means that, for example, a file that is inaccessible may become accessible under AppArmor when a hard link is created to it, while SELinux would deny access through the newly created hard link. SELinux and AppArmor also differ significantly in how they are administered and how they integrate into the system.
Isolation of processes can also be accomplished by mechanisms like virtualization; the OLPC project, for example, in its first implementation sandboxed individual applications in lightweight Vservers.
Read more about this topic: Security-Enhanced Linux
Famous quotes containing the word systems:
“Not out of those, on whom systems of education have exhausted their culture, comes the helpful giant to destroy the old or to build the new, but out of unhandselled savage nature, out of terrible Druids and Berserkirs, come at last Alfred and Shakespeare.”
—Ralph Waldo Emerson (1803–1882)
“The skylines lit up at dead of night, the air- conditioning systems cooling empty hotels in the desert and artificial light in the middle of the day all have something both demented and admirable about them. The mindless luxury of a rich civilization, and yet of a civilization perhaps as scared to see the lights go out as was the hunter in his primitive night.”
—Jean Baudrillard (b. 1929)