[Apparmor-general] apparmor vs chroot
jesse michael
jmichael at suse.de
Tue Mar 6 23:51:11 MST 2007
On Tue, Mar 06, 2007 at 10:13:50PM -0800, Crispin Cowan wrote:
> Replacing chroot with AppArmor profiles has the advantages of:
* doesn't use completely separate set of files
> Chroot has the advantage of:
* uses completely separate set of files
Depending on your point of view, that chroot jails can use a separate
set of files for things that run inside the jail can be either a plus
or a negative.
It all depends on if and how you want share things between the code
that runs in a restricted environment and the rest of the system.
More information about the Apparmor-general
mailing list