• Hellfire103@lemmy.caOP
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    2 days ago

    Qubes is specialised, whereas Fedora is a general purpose distro with a security focus.

          • qqq@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            2 days ago

            AppArmor is great but it isn’t nearly as powerful as SELinux. Way more user friendly though.

            • Possibly linux@lemmy.zip
              link
              fedilink
              English
              arrow-up
              2
              ·
              2 days ago

              It can be but it takes a lot more effort.

              SELinux: high bar to entry but extremely power right away

              Apparmor: lower bar to entry but much harder to get advanced functionality and control

              • qqq@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                2 days ago

                Yea, but there are also some things AppArmor just can’t do. Although in my experience most aren’t as big of a deal. Things like saying “only processes of this type can bind to port X” for example and much more fine grained control of file or directory actions. Does AppArmor provide kernel module controls?

                They both have really bad documentation though :(