Do you use AppArmor and what do you think about it?

CaffeineAddict

Well-Known Member
Joined
Jan 21, 2024
Messages
1,428
Reaction score
981
Credits
11,701
AppArmor is very likely already installed by default on your distro (it is here on Debian).
It is a sort of replacement of SELinux but much easier to use and manage.

What is AppArmor?

AppArmor already has some built-in rules which from my understanding come together with a package when it's installed,
however it might miss rules for some of them, this is where you can install an additional package called apparmor-utils link which let's you create custom rules automatically or edit existing ones as well as few other utility programs.

Overall what do you think about it and do you create custom rules yourself? or do you at least watch log files if there are violations?

I personally find AppArmor together with aide and debsums a good collection of software for security.
If you know of any similar software to the above 3 (excluding anti-viruses) please share.
 


Copilot

Sent by Copilot:​

AppArmor and SELinux are both Mandatory Access Control (MAC) systems that enhance security on Linux systems by controlling access to resources. Here’s a comparison of the two:
AppArmor:
SELinux:
In summary, AppArmor is known for its ease of use and is often preferred for systems where simplicity and ease of management are priorities. SELinux, on the other hand, offers a higher level of control and flexibility, making it suitable for environments that require strict security measures. The choice between AppArmor and SELinux may depend on the specific needs of the system and the expertise of the administrator.
 
Copilot

Sent by Copilot:​

AppArmor and SELinux are both Mandatory Access Control (MAC) systems that enhance security on Linux systems by controlling access to resources. Here’s a comparison of the two:
AppArmor:
SELinux:
In summary, AppArmor is known for its ease of use and is often preferred for systems where simplicity and ease of management are priorities. SELinux, on the other hand, offers a higher level of control and flexibility, making it suitable for environments that require strict security measures. The choice between AppArmor and SELinux may depend on the specific needs of the system and the expertise of the administrator.
Pretty much sums it up.
 
I'm an AppArmor user, though I don't tend to interact with it directly. It's one of those things that just runs and does what it does - as it's installed and enabled by default. I've also played with SELinux.
 


Top