Richard Pieri wrote: > Tom Metro wrote: >> How is RBAC different from SELinux or AppArmor? (And why didn't they >> incorporate one of those?) > > I don't know but I can guess. It's chroot jails. Locking down chroots > is a standard feature of Grsecurity. Neither SELinux nor AppArmor are > aware of chroot contexts.
Hmmm...the Wikipedia article gave the impression that the chroot jail was separate from RBAC or at least layered above it. It isn't clear why they couldn't have taken SELinux and done the same thing. Or at most, a patched SELinux. The rule in security is that you take great pains not to reinvent the wheel unless you absolutely have to. -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/ _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
