RE: [SLUG] AppArmor

From: Ken Elliott (kelliott4@tampabay.rr.com)
Date: Fri Dec 30 2005 - 14:07:20 EST


>> The thing is....Novell is selling the sucker for $1250 for a 1-2 CPU
>> machine as a standalone product. So why is it included for free in SuSE 10?

I don't know for sure, but it looks like the differences are:
Enterprise Server vs. workstation
Automatic updates

I see where the server version included automatic kernel updates, and I'll
bet that's the biggie. Frankly, if they are giving us AppArmor in SuSE 10
for no extra charge, I'm impressed. Way to go Novell.

Naturally, that means we are somewhat of a guinea pig for this, and that's
cool... Well for some of us...

Ken Elliott

=====================
-----Original Message-----
From: slug@nks.net [mailto:slug@nks.net] On Behalf Of Mike Branda
Sent: Friday, December 30, 2005 1:47 PM
To: slug@nks.net
Subject: [SLUG] AppArmor

Hello All,

Haven't seen John from Novell on the list in a while but does anybody else
know anything about this?? Apparently Novell acquired Immunix and is
including AppArmor in the SuSE 10 release. It's a YaST function with
Profiles, Reports and an AppArmor control panel. The thing is....Novell is
selling the sucker for $1250 for a 1-2 CPU machine as a standalone product.
So why is it included for free in SuSE 10? Is it less of a product? It
doesn't sound like it from the docs.

quotes from file below:

AppArmor provides streamlined access control for network services by
specifying which files each program is allowed to read, write, and execute.
This ensures that each program does what it is supposed to do, and nothing
else.

AppArmor profile components are called AppArmor Rules. Currently there are
two main types of AppArmor rules, path entries and capability entries. Path
entries specify what the process can access in the filesystem and Capability
entries provide a more fine-grained control over what a confined process is
allowed to do through other system calls that require privileges. Includes
are a type of meta-rule or directives that pull in path and capability
entries from other files.

http://www.novell.com/documentation/apparmor/pdfdoc/immunizing_applications_1_01novell/immunizing_applications_1_01novell.pdf

2 More highlights from things I found on the web:

Immunix products use technology originally developed in conjunction with the
Defense Advanced Research Projects Agency (DARPA) to protect systems from
both known and unknown attacks, without the need for signature updates

And because Novell AppArmor provides proactive security, protecting even
against "zero-day" attacks, businesses can be confident that their critical
assets are protected without expending resources on costly emergency
patching.

Anybody use this yet or hear/have any feedback??

Mike Branda Jr.

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages posted
are those of the author and do not necessarily reflect the official policy
or position of NKS or any of its employees.
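
The rule types named in the guide excerpt quoted above (path entries, capability entries, includes), as an added example that is not part of either message or of Novell's documentation: a short Python parser that sorts a profile's rules into those three kinds and lists paths granted both write and execute access. The sample profile, the `exampled` program name and the simplified one-rule-per-line grammar are assumptions made for illustration.

```python
import re

# Constructed sample profile (not from the Novell guide); the program name
# and every rule in it are illustrative only.
SAMPLE_PROFILE = """\
/usr/sbin/exampled {
  #include <abstractions/base>

  # capability entries
  capability net_bind_service,
  capability setuid,

  # path entries: <path glob> <permissions>,
  /etc/exampled.conf r,
  /var/log/exampled.log w,
  /var/lib/exampled/** rw,
  /usr/lib/exampled/helper ix,
  /tmp/exampled-plugins/* rwix,
}
"""

# Simplified grammar (assumption): one rule per line, terminated by a comma.
INCLUDE_RE = re.compile(r"^#include\s+[<\"](.+?)[>\"]$")
CAP_RE = re.compile(r"^capability\s+(\w+),$")
PATH_RE = re.compile(r"^(/\S*)\s+([a-zA-Z]+),$")


def parse_profile(text):
    """Sort a profile's rules into includes, capability and path entries."""
    rules = {"includes": [], "capabilities": [], "paths": {}}
    for raw in text.splitlines():
        line = raw.strip()
        if m := INCLUDE_RE.match(line):
            rules["includes"].append(m.group(1))
        elif m := CAP_RE.match(line):
            rules["capabilities"].append(m.group(1))
        elif m := PATH_RE.match(line):
            rules["paths"][m.group(1)] = m.group(2)
        # Profile header, closing brace, blank lines and comments fall through.
    return rules


def writable_and_executable(rules):
    """Paths the confined process may both write and execute: review these."""
    return [path for path, perms in rules["paths"].items()
            if "w" in perms and "x" in perms]
```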


This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:29:29 EDT