all InfoSec news
Container security fundamentals part 5: AppArmor and SELinux
Datadog Security Labs securitylabs.datadoghq.com
Throughout this series, we've covered various layers of security that can isolate containers not only from other processes on the host but also from their underlying host. In this post, we'll discuss how AppArmor and SELinux can provide additional restrictions beyond the other layers of isolation we've previously discussed.
Mandatory Access Control Systems
AppArmor and SELinux are examples of Mandatory Access Control (MAC) systems. These systems differ from other security controls (which are generally called Discretionary Access Control (DAC) …
access access control apparmor beyond container containers container security control discuss fundamentals host isolation mandatory access control processes restrictions security selinux series