REPLY: 49418.linux@1:103/705 2c2bdcde
MSGID: 2:423/39 67c5f763
CHRS: LATIN-2 2
TZUTC: 0100
TID: CrashMail II/Linux 1.5.1
Hello Alys!

03 Mar 25 09:24, you wrote to me:

 AW> I'm pretty sure that SELinux is a bunch of kernel modifications and
 AW> LSM's, whereas Landlock LSM is 1 module that can sandbox processes to
 AW> mitigate fatal failure, the spread of Malware, etc...

Reading more artciles about it. Looks like the most difference is that
Landlock is available for unpriviledged users to limit their processes where
SELinux is managed from priveledged account (administration).

(if documentation is actual what I see) there is some part missing to tackle:
networking (at least what I see, added recently/month ago).

Last but not least: landlock can not protect itself against beeing tampered.
To protect Landlock you need admin level behind (like SELinux).

For sure I will check that, when I have time. Thank you for tip.

(Unfortunatelly I am not experienced enough to have deeper insigt).

Karel

--- GoldED+/LNX 1.1.5-b20240209
 * Origin: Plast DATA (2:423/39)
SEEN-BY: 18/200 19/10 50/22 105/81 106/201 128/187 129/305 153/757
SEEN-BY: 153/7715 154/10 110 203/0 218/700 840 221/1 6 242 360 226/30
SEEN-BY: 227/114 229/110 111 114 206 275 300 317 400 426 428 470 550
SEEN-BY: 229/616 664 700 705 266/512 280/464 5003 291/111 292/854
SEEN-BY: 301/1 320/219 322/757 335/364 341/66 234 342/200 396/45 420/33
SEEN-BY: 420/333 421/79 83 423/36 39 81 120 121 460/58 256 1124 5858
SEEN-BY: 633/280 712/848 902/26 5054/30 5075/35
PATH: 423/39 81 221/1 6 460/58 229/426