Linked by Thom Holwerda on Tue 10th Jan 2006 15:25 UTC
"On Tuesday, Novell announced the creation of the AppArmor project, a new GPL open-source project dedicated to advancing Linux application security. Novell's AppArmor is an intrusion-prevention system that protects Linux and its applications from the effects of attacks, viruses and malicious applications. AppArmor is based on technology that Novell acquired from Immunix, a leading provider of Linux host-based application security solutions, when it purchased the company in May 2005."
Thread beginning with comment 84011
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Solaris has a privilege training mode already
by Robert Escue on Tue 10th Jan 2006 17:11
in reply to "Solaris has a privilege training mode already"
Member since:2005-07-08
Member since:
2005-11-17
We had a "training" mode in Trusted Solaris 1.2 c. 11 years ago. It would allow the applications to run with the necessary privilege and log (to the audit log the privileges, uid/gid/ruid/rgid etc) that was used. You could then build a profile out of that. Trusted Solaris 8 still has this capability today.
A similar feature was carried over to Solaris 10's ppriv(1) command. There will be a article written by myself and Glenn Brunette on the Sun Blueprints (http://sun.com/blueprints) site describing how to do privilege profiling beyond what you can do with ppriv(1) for Solaris 10 probably published in Feburary.