perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <s...@stason.org>
Subject FYI: AppArmor - makes mod_perl/mod_php safer on linux
Date Sat, 08 Apr 2006 00:09:20 GMT
I was just at cansecwest (http://cansecwest.com/) here in Vancouver, and 
went to a talk by Crispin Cowan from Novell. He presented AppArmor which 
confines the application into a restricted mode (which files it can access 
and what it can and cannot do). Unlike jail/chroot AppArmor allows you to 
provide different profiles per script, so it might be very useful to ISPs 
which need to protect one user from another. It works as a linux security 
module (LSM) so there is very little overhead and no need to patch your 
kernel.

I haven't used it myself, but I think some of the mod_perl users can 
benefit from it. I don't know why Novell folks didn't announce it to this 
list.

more info at:
http://www.novell.com/products/apparmor/
http://www.novell.com/documentation/apparmor/
mod_perl is specifically mentioned on page 4 at:
http://www.novell.com/collateral/4821055/4821055.pdf

-- 
_____________________________________________________________
Stas Bekman mailto:stas@stason.org  http://stason.org/
MailChannels: Assured Messaging(TM) http://mailchannels.com/
The "Practical mod_perl" book       http://modperlbook.org/
http://perl.apache.org/ http://perl.org/ http://logilune.com/


Mime
View raw message