Posted by: Anonymous Coward
on February 27, 2007 05:09 AM
SELinux and AppArmor offer application level protection but they do it in a far different way than the likes of ZoneAlarm. With SELinux and AppArmor you have to configure policies and profiles for each application you choose, but they don't do anything for applications that you don't specify and they are difficult and cumbersome to setup for applications that you do choose. I don't want to create an AppArmor profile for ls and cp and mv and less and... You get the idea.
ZoneAlarm et al simply deny all applications access to the network by default and prompt the user as to whether or not to allow that application access in the future. For example: 'Kwrite is attempting to access the network. Allow Once, Allow Always, Deny Once, Deny Always?'
Perhaps someone will adapt AppAmor and add a simple GUI interface to make this happen but, so far, I haven't seen anything like this for the Linux platform.
Learn about Linux
Download Linux
Get Linux help
Not Exactly.
Posted by: Anonymous Coward on February 27, 2007 05:09 AMZoneAlarm et al simply deny all applications access to the network by default and prompt the user as to whether or not to allow that application access in the future. For example:
'Kwrite is attempting to access the network.
Allow Once, Allow Always, Deny Once, Deny Always?'
Perhaps someone will adapt AppAmor and add a simple GUI interface to make this happen but, so far, I haven't seen anything like this for the Linux platform.
#