openSUSE Linux 12.1: Create a new AppArmor.
More details:
On Fri, 05 Aug 2011 15:56:03 +0000, genixinfo wrote:
> openSUSE Linux 12.1: Create a new AppArmor.
>
>
> More details:
>
> https://features.opensuse.org/312714
You do realise that this and the “new firewall” feature suggestion
require massive amounts of engineering rework that is unlikely to
happen, don’t you? It’s not a question of “throw all the code into one
bucket, compile, and presto, it’s a new program that has all the features
of the dozens of different systems you propose merging” - and that’s not
going to happen before 12.1 is released.
I would suggest rather than filing “hundreds” of feature requests that
you take some time and pick the ones that you think have the most
merit, lest people dismiss your suggestions out of hand because you seem
to be spamming the feature request system with every idea that enters
your head.
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
hendersj,
I understand. I know that openSUSE Linux has a team that looks at what can and can not be implemented and that some things that I said will it take to be implemented or may not be implemented in version 12.1, to be a lot of ideas that take time and development, even more so, I say what are my ideas, because if it is rejected now, in version 1.12, may be accepted in future version: 12.2.
I am acting in the present, thinking about the future.
Because I want to help the openSUSE Linux.
On Fri, 05 Aug 2011 22:16:02 +0000, genixinfo wrote:
> hendersj,
>
>
> I understand. I know that openSUSE Linux has a team that looks at what
> can and can not be implemented and that some things that I said will it
> take to be implemented or may not be implemented in version 12.1, to be
> a lot of ideas that take time and development, even more so, I say what
> are my ideas, because if it is rejected now, in version 1.12, may be
> accepted in future version: 12.2.
>
> I am acting in the present, thinking about the future.
>
>
> Because I want to help the openSUSE Linux.
It’s good that you want to help, I just am concerned that with as many
suggestions as you make that you might not be taken seriously because the
scope of many of the things you suggest is so broad and unlikely to
happen. For example, combining AppArmor, SELinux, and all the other
options here doesn’t take into consideration the diversity of the
different teams, the feature overlap and implementation differences.
Such an undertaking, if it were even to be engaged upon, would take years
of work to pull off.
That’s why I suggest that you keep some perspective on what realistically
would be accomplished before submitting an idea, lest an idea that is
feasible and likely to be implemented be overlooked because so many of
your suggested enhancements are outside the realm of what is likely or
feasible.
Just trying to help you make a more solid contribution. 
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
hendersj,
I understand. About AppArmor, I summarize what is needed in some links:
chkrootkit, rkhunter, MAC, RBAC and ACLs.
A review on the subject:
On Sat, 06 Aug 2011 15:36:02 +0000, genixinfo wrote:
> I understand. About AppArmor, I summarize what is needed in some links:
Again, you need to understand (and I don’t think you do) that there is a
level of infeasability in many of your proposals that is going to get you
ignored in openFATE. I noticed that your recent suggestion to create a
new YaST received similar feedback in the entry in openFATE.
Your feature requests need to have specificity, not just “combine x, y,
and z” together. Explain what the missing functionality is - in detail -
so those evaluating the feature request can do it.
The more work you make those evaluating the requests do, the less likely
anything will be done other than the feature will be rejected.
Feature requests should be specific and point out very specific areas for
improvement, and rather than proscribing components to combine, just
state “YaST needs a module to manage sshd; the benefit would be ‘x’”.
Put them in terms that clearly demonstrate what the benefit is, and make
them granular rather than broad.
Does that make sense?
It also isn’t necessary to post a thread here every time you submit a
feature request. The people here generally don’t make the decision about
a feature, and even if a request gets a lot of votes, if it’s too broad,
it’s very likely going to be rejected.
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On Sun, 07 Aug 2011 00:50:54 +0530, Jim Henderson
<hendersj@no-mx.forums.opensuse.org> wrote:
> On Sat, 06 Aug 2011 15:36:02 +0000, genixinfo wrote:
>
>> I understand. About AppArmor, I summarize what is needed in some links:
>
> Again, you need to understand (and I don’t think you do) that there is a
> level of infeasability in many of your proposals that is going to get you
> ignored in openFATE. I noticed that your recent suggestion to create a
> new YaST received similar feedback in the entry in openFATE.
>
> Your feature requests need to have specificity, not just “combine x, y,
> and z” together. Explain what the missing functionality is - in detail -
> so those evaluating the feature request can do it.
>
> The more work you make those evaluating the requests do, the less likely
> anything will be done other than the feature will be rejected.
>
> Feature requests should be specific and point out very specific areas for
> improvement, and rather than proscribing components to combine, just
> state “YaST needs a module to manage sshd; the benefit would be ‘x’”.
>
> Put them in terms that clearly demonstrate what the benefit is, and make
> them granular rather than broad.
>
> Does that make sense?
>
> It also isn’t necessary to post a thread here every time you submit a
> feature request. The people here generally don’t make the decision about
> a feature, and even if a request gets a lot of votes, if it’s too broad,
> it’s very likely going to be rejected.
>
> Jim
>
i think for the present level of knowledge and understanding the original
poster has right now, it would be better to post his ideas to the ‘general
chit chat’ forum. there he should explain in some detail what he wants to
achieve, why that would be a good idea. then others with more experience
and sufficient time could explain to him why most of his suggestions are
impractical. in this way he could learn a little more about how this
works. posting to this prerelease-beta forum and/or making feature
requests will teach him nothing, and all his suggestions will be ignored
out of hand.
–
phani.
You want me to be more specific, so here it goes:
Rookit attacks.
I know, I gotta go straight at the root of my idea.
Regarding the posts on the forum, I think the more people thinking, faster, you arrive at a consensus.
On 2011-08-07 01:16, genixinfo wrote:
>
> You want me to be more specific, so here it goes:
>
>
> ‘Rookit’ (http://en.wikipedia.org/wiki/Rootkit) attacks.
That’s not specific enough. How exactly do you propose to fight them? In
broad pseudocode, please.
>:-)
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)
On Sat, 06 Aug 2011 23:16:02 +0000, genixinfo wrote:
> You want me to be more specific, so here it goes:
>
>
> ‘Rookit’ (http://en.wikipedia.org/wiki/Rootkit) attacks.
>
>
>
> I know, I gotta go straight at the root of my idea.
>
>
>
> Regarding the posts on the forum, I think the more people thinking,
> faster, you arrive at a consensus.
If you’re too generic, people aren’t going to think, they’re going to
dismiss.
That isn’t an example of being more specific in a feature request. It’s
a word. What do you want to do about rootkit attacks? How do you want
to specifically deal with them? That’s what you need for a
successful rootkit.
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On Sun, 07 Aug 2011 02:51:08 +0000, Jim Henderson wrote:
> That’s what you need for a successful
> rootkit.
Duh, what I meant to write was “a successful feature request.”
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On 08/07/2011 01:16 AM, genixinfo wrote:
> You want me to be more specific, so here it goes:
>
> ‘Rookit’ (http://en.wikipedia.org/wiki/Rootkit) attacks.
WHAT? just because you discovered an article first written in 2003
doesn’t mean you are now qualified to suggest “create a new AppArmor”…
heck i read that article (and i think probably referenced a different
new guy to read it years before you joined this forum…so, what am i
supposed to learn today that the FATE folks need to get busy on?? see,
all those developers have been creating ways to avoid and/or discover
root kits before i knew what they were, in the late 1990s…so, now you
want them to read the article, and do what?
your suggestions are not.
–
DD
Caveat-Hardware-Software
openSUSE®, the “German Engineered Automobiles” of operating systems!
I think we have missed the greatest contribution by the OP: he’s discovered interuniverse travel because obviously he lives in a different one. 
I have no pseudocode, I do not want to generalize.
I suggest that AppArmor, act as the MSEC.
See how it works:
The MSEC is a software that has some safety rules, safety rules among these is chkrootkit.
The MSEC monitors and reports any changes that interfere with system security.
On 08/09/2011 08:56 PM, genixinfo wrote:
>
> I suggest that AppArmor, act as the MSEC.
>
you should get busy doing the programming and development of these new
application that you have decided are needed…
since the source code is all open, all you have to do is get busy
writing code, rather than just more and more words that do nothing
toward getting new programs…
which programming languages are you most proficient in?
–
DD
openSUSE®, the “German Engineered Automobiles” of operating systems!
DenverD,
I’m just a contributor to the openSUSE Linux.
I do not want to recreate the wheel or copy that exists, just want to improve AppArmor, adding what is missing, my words have key words to do this, just adding some components without having to program from scratch again AppArmor, adding chkrootkit, is already good.
On Tue, 09 Aug 2011 20:26:03 +0000, genixinfo wrote:
> I’m just a contributor to the openSUSE Linux.
>
> I do not want to recreate the wheel or copy that exists, just want to
> improve AppArmor, adding what is missing, my words have key words to do
> this, just adding some components without having to program from scratch
> again AppArmor, adding chkrootkit, is already good.
Do you understand that Discretionary Mandatory Access Controls and
checking for Rootkits are two entirely different and unrelated things?
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
Currently, if i am right, you have made several suggestions for what you consider to be improvements.
In every case, there are doubts from everyone else whether these would truly prove to be improvements and whether they have been described in enough detail to constitute requirements*.
If all this does, as seems to be the case, so far, is to raise some dust, cause some distraction, but not actually lead to any progress, then you only contribution will have been negative. In your ‘firewall’ thread, I have given my opinion of what you have to do in order to turn that situation around, but seemingly you do not wish to take any notice. I have also to say that phani’s suggestion might be another good way forward, too.
*I’m using the word ‘requirements’ in the technical sense described here and here. These links (and you could find many others, but these are to hand) concern the contribution of defining requirements to the production of quality software, described as vital. I am sure that you would not want your contribution to this to be inadequate requirements, which would inevitably lead, as argued in the links, to poor quality software, and poor quality security software is an evil to be avoided at all costs.
But do you want to put in the effort required to make this work? There is no evidence of that, so far. I look forward to seeing the actual evidence of a change of approach.
So far, there has been no argument that it is appropriate to add this other function to AppArmor.
Right now, we have two different tools doing two different things. Given that you are suggesting going against the Unix philosophy, you will have to present a very impressive argument that this would be the right thing to do.
Obviously, a key word is not enough. A keyword is not a software design that can be discussed. In fact, the keyword that you chose is not even for the software that you want, but the software that you wish to counter, which is doubly inadequate.
And, anyway, it seems as if what you are asking for might be more conveniently be met by a new module for Yast that does whatever it is exactly that you want with chkrootkit (configures/runs it), which is undefined. Yes, that would give Yast another module related to security, but you have said nothing about why you see that as a disadvantage.
I take it by MSEC you don’t mean this MSEC, or we will have to have a really long discussion:
Microsoft Security Engineering Center (MSEC)
The Microsoft Security Engineering Center helps to protect Microsoft customers by delivering inherently more secure products and services, through the Microsoft Security Development Lifecycle (SDL), comprehensive security assurance in software development and state-of-the-art security science. MSEC addresses software security via three main areas—Process, People, and TechnologyThe Microsoft Security Engineering Center, the Microsoft Security Response Center (MSRC), and the Microsoft Malware Protection Center (MMPC) work together to protect Microsoft customers throughout the entire software lifecycle: development, deployment, and operations.