Hi everybody and people enthusiastic about system security, let me right away "beg you pardon" for directly asking some question. This is because I have NOT found some conclusive answers by browsing the archives. ANY help and comment and hint is appreciated. (1) concurrency vulnerability and Apparmor(AA)? -><cite>your opinion, is AA safe against vulnerability arrising from execution concurrency in Multiprocessor environments? </cite><cite><a href="http://www.cl.cam.ac.uk/teaching/0809/Security/">www.cl.cam.ac.uk/teaching/0809/Security/</a>concurrency.pdf - gives a good introduction to this tread. (2) What is the deal with the complain(I), enforced(II) , "not-yet-enabled"(III) states a executable can be in? So to say a root executed executable not having a profile is allowed everything, right? Im a sorry for this stupid question, but as I understand AA is not build according to the "everything that is not exprlecitely allowed is forbidden" but rather "everything that is not </cite><cite>exprlecitely forbidden is allowed", true? (3) Paranonia, do you think the LSM /security part of the linux kernel is "watched" and regularily audited to not have a NSA , secret service backdoor? This more general is a concern I am not having any idea to address because only by being "open" the source does not manditorily need to have some people with "good intentions" watching/checking it? Actually I expect most code not to be audited and feel at loss to the "volume" making it impossible to check it myself. any suggestions here? (4) the Apparmor in Ubuntu 10.10 regular install and its profiles are not "very develloped" right? Maybe somebody can comment on this, it would help me evaluate if what I see on a ordinary Ubuntu install is already safe? I actually do not think so as I would doubt the distributors sacrificed "problem-free-delployment-distro" for less safe. Hence not very harsh rules to not risk "problems". Any comment would help Best regards Alexander </cite><cite></cite>