perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <>
Subject FYI: AppArmor - makes mod_perl/mod_php safer on linux
Date Sat, 08 Apr 2006 00:09:20 GMT
I was just at cansecwest ( here in Vancouver, and 
went to a talk by Crispin Cowan from Novell. He presented AppArmor which 
confines the application into a restricted mode (which files it can access 
and what it can and cannot do). Unlike jail/chroot AppArmor allows you to 
provide different profiles per script, so it might be very useful to ISPs 
which need to protect one user from another. It works as a linux security 
module (LSM) so there is very little overhead and no need to patch your 

I haven't used it myself, but I think some of the mod_perl users can 
benefit from it. I don't know why Novell folks didn't announce it to this 

more info at:
mod_perl is specifically mentioned on page 4 at:

Stas Bekman
MailChannels: Assured Messaging(TM)
The "Practical mod_perl" book

View raw message