Other Systems
SELinux represents one of several possible approaches to the problem of restricting the actions that installed software can take.
The AppArmor system generally takes a similar approach to SELinux. One important difference is that AppArmor identifies file system objects by path name instead of inode. This means that, for example, a file that is inaccessible may become accessible under AppArmor when a hard link is created to it, while SELinux would deny access through the newly created hard link. SELinux and AppArmor also differ significantly in how they are administered and how they integrate into the system.
Isolation of processes can also be accomplished by mechanisms like virtualization; the OLPC project, for example, in its first implementation sandboxed individual applications in lightweight Vservers.
Read more about this topic: Security-Enhanced Linux
Famous quotes containing the word systems:
“Our little systems have their day;
They have their day and cease to be:
They are but broken lights of thee,
And thou, O Lord, art more than they.”
—Alfred Tennyson (1809–1892)
“In all systems of theology the devil figures as a male person.... Yes, it is women who keep the church going.”
—Don Marquis (1878–1937)