[Whonix-devel] AppArmor
adrelanos
adrelanos at riseup.net
Fri Aug 9 04:49:44 CEST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Jason Ayala:
> Adrelanos recently mentioned AppArmor in the forum in relation to
> the latest freedom hosting js exploit. I argue that apparmor is
> poorly developed, underpowered, and poorly understood.
Really? :/
> Real sandboxing will only happen with a move to Qubes OS.
Those two are not mutually exclusive. Together with compiler
hardening, they're all useful.
> I don't mean to bring up sandboxing or Qubes OS though, just that
> AppArmor isn't worth working on.
Is it really that bad?
> (For example, it would NOT have prevented the FH js exploit).
Why not?
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJSBFjGAAoJEJwTGtNxOq7vFxYP/1jwZIYSYFsLphErnWyvs0qv
CIOdaZKbIg6gNi79X9Ek5URfmqZzBpiBZqPkWTGrrYMhrCOoHPLGbGGzotPZmH4W
M8gsWc8RSA3nd7X8GshxdJcJfqYmovz+dKQ5KTjnuWELNZkeBWoC3VghYF0llp/4
JcxUgTe1TLfKN8Hf+uYZ7oxkRAPLIHzP5GOly67S9JpywyMjMZ0zYHDlCh8vx8Zy
piVV/8sGN8hJkk0U0tnigh3YUMNBeOFpA0qrYOmO/9UUZRKIgGKlo0rytRjlSGCQ
cn1jsqCl+BAgGbb/kNnArRhU1Kqe6l3FP8RynEbvtS0Ok8WHWXFGg8uc4Wua++xl
j5yr5kW+O+YcwYlkpYpPyo7TBUdkpILjsIokRNLHaUXIKF7/XiY5vc/FeNYZyc6g
5NS9ldbkbjet+TasBKdxcN8G6OWhWj+TlULmj03oGKtQs+I/WxkCuZb3+DifuYjP
0iMPS9sVZtltravuOjiikPuZ35nH5WASlZduzaegOM1gkvn+q5k6NkDz1MeHs2VR
2n1udv8djDY/6NV+ARVGUGBmPy+iBFNe0RMWzOxBWnwrR1D80sJQ9Zyljwf6Jv1L
L8pg6PMXlrtDENVbuMbwqu7CBDNUm0XN7MMNMuMOrKjXV8SzAhpelyRv91KF+A/V
sfedX/0/vh85N/LqyjiV
=Bw3H
-----END PGP SIGNATURE-----
More information about the Whonix-devel
mailing list