AppArmor
AppArmor
|
|
---|---|
Basic data
|
|
developer | Immunix / Novell / Mercenary Linux / Canonical |
Current version | 2.13.3 (June 18, 2019) |
operating system | GNU / Linux |
programming language | C , Perl , Python |
category | Security software |
License | GNU General Public License |
gitlab.com/apparmor |
AppArmor ( Application Armor , in German for example application (program) armor ) is free security software for Linux that can be used to assign or revoke certain rights to individual programs. With this extension the Mandatory Access Control (MAC) is implemented.
functionality
Just like SELinux, the software uses the Linux Security Modules interface. It runs as a kernel module and directly controls the access rights of the individual processes at the highest system level. This preventive protection is intended to protect applications from security holes that are not yet publicly known, so-called zero-day exploits . Which access a program needs in order to work normally is determined by profiles with individual security guidelines. For standard software used on a GNU / Linux system such as the CUPS print server , pre-defined profiles are supplied. Users and system administrators can also create their own profiles for applications. Another possibility is to use adaptive filters while a program is in normal operation.
history
AppArmor was initially developed by Immunix. In 2005, it was taken over by Novell , where the software was further developed and expanded. In October 2007, however, Novell fired the programmers working on it and parted with the development of AppArmor. The released developers planned to continue the project under the newly founded company Mercenary Linux . Several attempts to incorporate AppArmor into the Linux kernel failed because of concerns that files are recognized by their filenames and not by their attributes, such as with SELinux . Canonical has been working intensively on AppArmor since 2009 . With Linux 2.6.36 it became part of the kernel.
AppArmor is currently used in the distributions openSUSE , Debian and Ubuntu . With version 2010.0, Mandriva switched to Tomoyo .
Web links
- Developers page for user space programs (English)
- AppArmor - Linux Application Security at Novell (English)
- AppArmor in the openSUSE Wiki with lots of additional information on how it works etc.
- AppArmor user guide in the ubuntuusers.de Wiki
Individual evidence
- ↑ Home. In: AppArmor Wiki. Retrieved June 18, 2019 .
- ↑ packages.debian.org .
- ^ Novell lays off AppArmor programmers . CNET. October 10, 2007. Retrieved November 10, 2010.
- ↑ https://www.heise.de/newsticker/meldung/Novell-trennt-sich-von-der-AppArmor-Ententwicklung-184689.html
- ↑ Changelog Linux 2.6.36 ( Memento from June 12, 2011 in the Internet Archive )
- ↑ heise online: Linux developer changes to Microsoft's Windows Security Team
- ↑ Chapter 2. What's New in Debian 10. Retrieved July 8, 2019 .
- ↑ pro-linux: Mandriva Linux 2010.0