The Waltham, Massachusetts-based Linux and identity management vendor has released the core components of its AppArmor framework under the GNU General Public License and created a project for its development on the openSUSE community.
The AppArmor technology is designed to prevent against external and internal application-level attacks, viruses, and malicious code, and includes configuration and monitoring tools integrated with the Linux operating system. It has been available with SUSE Linux 10.0 since October 2005.
It is based on Mandatory Access Control, which provides granular permissions for users, programs, processes, files and devices. Standard Linux security is based on Discretionary Access Control, which gives super-user accounts complete control over all aspects of the system.
Novell’s chief Linux competitor, Red Hat Inc, also makes use of Mandatory Access Control through its integration of Security Enhanced Linux (SELinux) functionality originally developed by the National Security Association.
Novell argues that the AppArmor approach, which was developed by Immunix in conjunction with the Defense Advanced Research Projects Agency, is more flexible and does not require changes to the file system or applications.
