[SLUG] AppArmor

From: Mike Branda (mike@wackyworld.tv)
Date: Fri Dec 30 2005 - 13:47:18 EST


Hello All,

Haven't seen John from Novell on the list in a while but does anybody
else know anything about this?? Apparently Novell acquired Immunix and
is including AppArmor in the SuSE 10 release. It's a YaST function with
Profiles, Reports and an AppArmor control panel. The thing is... Novell
is selling the sucker for $1250 for a 1-2 CPU machine as a standalone
product. So why is it included for free in SuSE 10? Is it less of a
product? It doesn't sound like it from the docs.

quotes from file below:

AppArmor provides streamlined access control for network services
by specifying which files each program is allowed to read, write, and
execute. This ensures that each program does what it is supposed to
do, and nothing else.

AppArmor profile components are called AppArmor Rules. Currently
there are two main types of AppArmor rules, path entries and capability
entries. Path entries specify what the process can access in the
filesystem and Capability entries provide a more fine-grained control
over what a confined process is allowed to do through other system
calls that require privileges. Includes are a type of meta-rule or
directives that pull in path and capability entries from other files.

http://www.novell.com/documentation/apparmor/pdfdoc/immunizing_applications_1_01novell/immunizing_applications_1_01novell.pdf

2 More highlights from things I found on the web:

Immunix products use technology originally developed in conjunction with
the Defense Advanced Research Projects Agency (DARPA) to protect systems
from both known and unknown attacks, without the need for signature
updates

And because Novell AppArmor provides proactive security, protecting even
against "zero-day" attacks, businesses can be confident that their
critical assets are protected without expending resources on costly
emergency patching.

Anybody use this yet or hear/have any feedback??

Mike Branda Jr.

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
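
The three rule types named in the documentation quote above (path entries, capability entries, and includes) look like this in a profile. This is an added example, not part of the original post or of the Novell document; the daemon name `exampled` and all of its paths are hypothetical, and the include names assume the abstractions shipped with current AppArmor packages.

```apparmor
# Constructed profile for a hypothetical network daemon, /usr/sbin/exampled.
# Anything not listed here is denied once the profile is in enforce mode.

#include <tunables/global>

/usr/sbin/exampled {
  # Includes: pull shared path and capability entries in from other files.
  #include <abstractions/base>
  #include <abstractions/nameservice>

  # Capability entries: the only privileged operations the confined
  # process may use, even when it runs as root.
  capability net_bind_service,   # bind to a port below 1024
  capability setuid,             # drop to an unprivileged user after bind
  capability setgid,

  # Path entries: file access, one permission set per path or glob.
  /usr/sbin/exampled          mr,   # map and read its own binary
  /etc/exampled.conf          r,    # read-only configuration
  /srv/exampled/**            r,    # served content, read-only, recursive
  /var/log/exampled.log       w,    # log file, write only
  /var/run/exampled.pid       w,
  /usr/lib/exampled/helper    ix,   # execute helper, inheriting this profile
}
```

With this profile loaded, a compromised `exampled` process still cannot read `/etc/shadow` or execute a shell, because neither path appears in a path entry; the denied attempts are logged by the kernel audit facility.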



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:29:23 EDT