Included as part of lecture: PracticalPersonal.html
Skype uploadded shadow files, MS got hand caught in cookie jar by
apparmor, and recently does it again:
https://www.osnews.com/story/137828/new-outlook-sends-passwords-mails-and-other-data-to-microsoft/
https://mailbox.org/en/post/warning-new-outlook-sends-passwords-mails-and-other-data-to-microsoft
https://en.wikipedia.org/wiki/Linux_Security_Modules
Linux Security Modules (LSM) is a framework that allows the Linux
kernel to support a variety of computer security models,
while avoiding favoritism toward any single security
implementation.
The framework is licensed under the terms of the GNU General Public
License,
and is standard part of the Linux kernel since Linux 2.6.
AppArmor, SELinux, Smack, TOMOYO Linux, and Yama are the currently
accepted modules in the official kernel.
https://en.wikipedia.org/wiki/AppArmor
AppArmor supplements the traditional Unix discretionary access
control (DAC) model by providing mandatory access control (MAC).
Defined by central configuration files, without modifying files or
processes
Restricts only user-specified processes (defined by path) access over
entities (files, network, etc.)
https://help.ubuntu.com/community/AppArmor
https://debian-handbook.info/browse/stable/sect.apparmor.html
https://doc.opensuse.org/documentation/leap/security/html/book.security/part.apparmor.html
https://en.wikipedia.org/wiki/Security-Enhanced_Linux
SELinux also supplements the traditional Unix discretionary access
control (DAC) model by providing mandatory access control (MAC).
Denies all requests by default.
Defined by labels on files and processes as part of file-system,
rather than merely a central configuration.
Everything gets labeled, processes, users, files, ports, etc.,
and permissions map these groups to each other.
Typical policy is distributed by the operating system (e.g., Fedora,
CentOs),
but these are designed to be permissive, and tend to be
server-focused.
https://opensource.com/business/13/11/selinux-policy-guide
https://doc.opensuse.org/documentation/leap/security/html/book.security/part.selinux.html
https://wiki.centos.org/HowTos/SELinux
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/selinux_users_and_administrators_guide/
http://selinuxgame.org/
https://serversforhackers.com/c/battling-selinux-cast
+++++++++++++++++++++ Cahoot-21d.1