Landlock-ing Linux (prizrak.me)

by
corbet
from LWN.net on (#71TX3)
The prizrak.me blog is carrying an introduction to theLandlock security module.

Landlock shines when an application has a predictable set of filesor directories it needs. For example, a web server could restrictitself to accessing only /var/www/html and /tmp.

Unlike SELinux or AppArmor, Landlock policies don't requireadministrator involvement or system-wide configuration. Developerscan embed policies directly in application code, making sandboxinga natural part of the development process.

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments