Spotlight | Reviews | Current Issue | Newsletter | Subscribe | Contact

price comparison with
Price comparison for:
fast servers for your business solution, fast notebooks for long flights, software for good results, TomTom navigation systems, PC hardware, Plasma and LCD TVs, Computer Hardware and Software, MP3 Player, highend Laptops and many more. Get reviews of your favourite digital camera or  of  new dvd-players.

user friendly » Issues » 2006 » 69 » PROTECTIVE ARMOR  

Shutting out intruders with AppArmor



When an attacker succeeds in infecting a victim’s system, the attacker inherits the victim’s privileges. App Armor beats the attack by reducing the potential victim’s privileges to a minimum.

Novell views AppArmor [1] as an easily configurable but effective protection system for Linux. According to the vendor, AppArmor competes with SE Linux, which has been part of the Suse distribution for quite a while now, although lacking the policies needed to run it. Whereas SE Linux is comparatively difficult to configure, but implements comprehensive MACs (Mandatory Access Control), AppArmor focuses on restricting the scope of individual applications. The Task It is an unfortunate fact that many programs suffer from bugs, and web applications are particularly badly hit. Most software is not coded by security specialists, though it may be publicly accessible via the web, and this makes it an easy target for attackers. If an attacker finds a programming error in an application, they can typically exploit the error, thus gaining access to the target system.

Read full article as PDF »


Related Articles
COUNTERPOINT Novell and Red Hat security experts face off on AppArmor and SELinux
GOLDEN CAGE Hardening systems with AppArmor
BREAKING IN AND KEEPING OUT Kernel 2.6 rootkits and the quest for Linux security
LINUX IN LINUX Getting started with User-Mode Linux
PREVENTION Staying one step ahead of the intruders
Video Archive USENIX Security '08

Video Archive USENIX Security '08

Look here for archived tutorials and talks from USENIX Security '08. Each comprises a video and recorded presentation slides which are shown parallel to the talk.

Find out more


In the US and Canada, Linux Magazine is known as Linux Pro Magazine.
Entire contents © 2008 [Linux New Media USA, LLC]
Linux New Media web sites:
North America: [Linux Pro Magazine]
UK/Worldwide: [Linux Magazine]
Germany: [Linux-Magazin] [LinuxUser] [EasyLinux] [Linux-Community] [Linux-Nachrichten] [Linux Events]
Eastern Europe: [Linux Magazine Poland] [Linux Community Poland] [Darmowe Programy Poland] [Open Source DVD Poland] [Linux Magazin Romania]
International: [Linux Magazine Brazil] [Linux Magazine Spanish]
Corporate: [Linux New Media AG]