Which module is "best"?

From: Daniel Carrera (dcarreraat_private)
Date: Sun Mar 09 2003 - 14:59:54 PST

  • Next message: Petr Baudis: "[PATCH] kobject support for LSM core"

    I want to try to learn one of the LSM modules, but I have little 
    clue as to which one I should pick.
    I've read a couple of papers explaining SELinux and its model of MAC.    
    I was very impressed and I'm leaning towards this one.  However, I'm
    concerned that it's only a research project.  Is SELinux meant for
    production systems? or is it just a proof of concept?
    In other words, is SELinux a good option?
    As for the others (DTE, Openwall, LIDS, POSIX capabilities), are they
    comparable in security to SELinux?
    I am very interested in bringing the security of my Linux system 
    beyond the traditional super-user model.  If I only have time to learn 
    one ofthese systems, which one should I go for?
    Is it possible that someone could give me a brief run-down of what
    sets them appart?  I'm stuggling to figure out what these systems do.
    Thanks for the help,
    Daniel Carrera
    Graduate Teaching Assistant.  Math Dept.
    University of Maryland.  (301) 405-5137
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Mon Mar 10 2003 - 12:57:36 PST