AppArmor: Application Security for Linux

A Presentation by Crispin Cowan

The core of the security problem is that most software contains latent bugs, and many of these bug can be exploited by attackers to cause the software to do something undesirable to the victim's computer. To block this threat, one can either use only perfect software (of which there is a shortage :) or use a security system to control what software may and may not do. The problem is that such systems are historically very difficult to use.

For the last 7 years, Linux users have had a choice between open source systems such as SELinux, and the proprietary and expensive AppArmor system. Most users have chosen instead to do nothing at all, despite the rising tide of security threats against increasingly complex and vulnerable software. We conjecture that this is because Linux users want an open source solution, but have found SELinux to be too difficult to use in practice, that users make the Hobson's Choice to do nothing at all. Now that the AppArmor system has been open sourced by Novell, Linux users have a real choice of a security system that is both open source, and easy and familiar to use.

In this talk, we will describe the AppArmor security system, and show how to use it to protect Linux systems. We will demonstrate using AppArmor to create security profiles for real and complex server and client applications such as Apache and Gaim. The power and ease of use of AppArmor is such that users should consider AppArmor not just as an alternative to SELinux, but rather as a de facto standard for Linux application security. AppArmor is fully GPL, and is included in all current releases of SUSE Linux. AppArmor ports are available for Slackware and Ubuntu, and under way for Gentoo and Red Hat/Fedora.

Direct link to video