Shutting out intruders with AppArmor

PROTECTIVE ARMOR

Article from Issue 69/2006

Author(s): RALF SPENNEBERG

When an attacker succeeds in infecting a victim’s system, the attacker inherits the victim’s privileges. App Armor beats the attack by reducing the potential victim’s privileges to a minimum.

Novell views AppArmor [1] as an easily configurable but effective protection system for Linux. According to the vendor, AppArmor competes with SE Linux, which has been part of the Suse distribution for quite a while now, although lacking the policies needed to run it. Whereas SE Linux is comparatively difficult to configure, but implements comprehensive MACs (Mandatory Access Control), AppArmor focuses on restricting the scope of individual applications. The Task It is an unfortunate fact that many programs suffer from bugs, and web applications are particularly badly hit. Most software is not coded by security specialists, though it may be publicly accessible via the web, and this makes it an easy target for attackers. If an attacker finds a programming error in an application, they can typically exploit the error, thus gaining access to the target system.

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES

SUBSCRIPTIONS

Print Subs

Digisubs

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia

Related content

AppArmor

After penetrating a remote system, intruders might think they are home and dry, but AppArmor spoils the fun, locking the miscreants in a virtual cage.

more »
AppArmor vs. SELinux

Security Enhanced Linux or App Armor? Linux Magazine invited two well-known personalities from Red Hat and Novell to debate the merits of their security systems.

more »
Novell Dismisses AppArmor Developer

Two years after acquiring the company that developed AppArmor Novell has dismissed the developer behind the security technology.

more »
LINUX MAGAZINE DVD

more »
Rootkits and Linux Security

Your Linux system may not be so airtight after all. To understand the threats, you need to think like an intruder. We'll show you what the intruders are thinking now about the Linux 2.6 kernel.

more »

comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF:

Shutting_out_Intruders_with_AppArmor.pdf (246.52 kB)

DevOps

Reinvent your network with DevOps tools and techniques:

Opportunities and Risks: Containers for DevOps
Automated Builds Using CentOS 7 and Kickstart
Elasticsearch, Logstash, and Kibana – The ELK stack
Are you ready for DevOps? Try your luck with the beta version of Linux Professional Institute's new DevOps exam.

News

Linus Torvalds Invites Attackers to Join the Kernel Community

He wants attackers to join the community instead of attacking the code.
Oracle Donating Java EE to the Eclipse Foundation

Oracle is recommending a new name for the Java Enterprise Edition platform.
Reddit Closing Doors to Open Source

The peanut gallery of the Internet is closing its open source repository.
Largest Open Source Summit to Date Around the Corner

LinuxCon is now Open Source Summit.
Gnome is Celebrating it’s 20th Birthday

Gnome

More than 33 releases since the first release of Gnome.
SQL Server Comes to RHEL; OpenShift Comes to Azure

Microsoft and Red Hat expand their partnership.
LibreOffice 5.4 Released

Comes with improved support for Microsoft Office file formats.
Red Hat to Drop Support for Btrfs

The company is building their own storage solution called Stratis.
Reinvent your network with DevOps tools and techniques:

Opportunities and Risks: Containers for DevOps
Automated Builds Using CentOS 7 and Kickstart
Elasticsearch, Logstash, and Kibana – The ELK stack
Are you ready for DevOps? Try your luck with the beta version of Linux Professional Institute's new DevOps exam.
Kolab Now Integrates Collabora Online

Kolab Now subscribers now have access to Collabora Online.