AppArmor

AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. AppArmor supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC). It has been partially included in the mainline Linux kernel since version 2.6.36 and its development has been supported by Canonical since 2009.


Details

In addition to manually creating profiles, AppArmor includes a learning mode, in which profile violations are logged but not prevented. This log can then be used to generate an AppArmor profile based on the program's typical behavior. AppArmor is implemented using the Linux Security Modules (LSM) kernel interface. AppArmor is offered in part as an alternative to SELinux, which critics consider difficult for administrators to set up and maintain. Unlike SELinux, which is based on applying labels to files, AppArmor works with file paths. Proponents of AppArmor claim that it is less complex and easier for the average user to learn than SELinux. They also claim that AppArmor requires fewer modifications to work with existing systems. For example, SELinux requires a filesystem that supports "security labels", and thus cannot provide access control for files mounted via NFS. AppArmor is filesystem-agnostic.
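The profile-generation step described above in miniature, as an added Python example (not AppArmor's own aa-logprof and not code from this article): it parses learning-mode audit records and turns them into path, capability and network rules. The log lines, the profile name /usr/sbin/exampled and every path in them are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed records: complain mode logs violations as apparmor="ALLOWED",
# enforce mode logs blocked accesses as apparmor="DENIED" (values are made up).
SAMPLE_LOG = """\
type=AVC msg=audit(1700000000.100:1): apparmor="ALLOWED" operation="open" profile="/usr/sbin/exampled" name="/etc/exampled/exampled.conf" pid=1201 comm="exampled" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1700000000.101:2): apparmor="ALLOWED" operation="open" profile="/usr/sbin/exampled" name="/var/log/exampled/access.log" pid=1201 comm="exampled" requested_mask="wc" denied_mask="wc" fsuid=0 ouid=0
type=AVC msg=audit(1700000000.102:3): apparmor="ALLOWED" operation="open" profile="/usr/sbin/exampled" name="/etc/exampled/exampled.conf" pid=1201 comm="exampled" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1700000000.103:4): apparmor="ALLOWED" operation="capable" profile="/usr/sbin/exampled" pid=1201 comm="exampled" capability=10 capname="net_bind_service"
type=AVC msg=audit(1700000000.104:5): apparmor="ALLOWED" operation="create" profile="/usr/sbin/exampled" pid=1201 comm="exampled" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
type=AVC msg=audit(1700000000.105:6): apparmor="DENIED" operation="open" profile="/usr/sbin/exampled" name="/etc/shadow" pid=1201 comm="exampled" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
"""

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
MASK_MAP = {"c": "w"}  # log mask 'c' (create) is granted by 'w' in a profile rule

def parse_record(line):
    """Split one audit record into a dict of its key=value fields."""
    return {k: q or b for k, q, b in FIELD.findall(line)}

def learn_rules(log_text):
    """Profile name -> sorted rule lines, learned from complain-mode records only."""
    files = defaultdict(lambda: defaultdict(set))  # profile -> path -> permission letters
    other = defaultdict(set)                         # profile -> capability/network rules
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec.get("apparmor") != "ALLOWED":
            continue  # an enforce-mode DENIED is the policy working, not a rule to learn
        prof, op = rec["profile"], rec["operation"]
        if op == "capable":
            other[prof].add("capability %s," % rec["capname"])
        elif "family" in rec:
            other[prof].add("network %s %s," % (rec["family"], rec["sock_type"]))
        elif "name" in rec:
            for ch in rec.get("denied_mask", ""):
                files[prof][rec["name"]].add(MASK_MAP.get(ch, ch))
    return {prof: sorted(other[prof])
            + ["%s %s," % (p, "".join(sorted(ps))) for p, ps in sorted(files[prof].items())]
            for prof in set(files) | set(other)}

def render_profile(name, rules):
    """Emit one profile block in AppArmor profile syntax."""
    return "%s {\n%s\n}" % (name, "\n".join("  " + r for r in rules))

if __name__ == "__main__":
    for name, rules in learn_rules(SAMPLE_LOG).items():
        print(render_profile(name, rules))
```

Repeated accesses collapse into one rule and the enforce-mode denial of /etc/shadow is deliberately not learned; the generated block is the starting point an administrator reviews before loading it.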


Other systems

AppArmor represents one of several possible approaches to the problem of restricting the actions that installed software may take. The SELinux system generally takes an approach similar to AppArmor. One important difference: SELinux identifies file system objects by inode number instead of path. Under AppArmor an inaccessible file may become accessible if a hard link to it is created. This difference may be less important than it once was, as Ubuntu 10.10 and later mitigate this with a security module called Yama, which is also used in other distributions. SELinux's inode-based model has always inherently denied access through newly created hard links, because the hard link would be pointing to an inaccessible inode. SELinux and AppArmor also differ significantly in how they are administered and how they integrate into the system. Isolation of processes can also be accomplished by mechanisms like virtualization; the One Laptop per Child (OLPC) project, for example, sandboxes individual applications in a lightweight Vserver. In 2007, the Simplified Mandatory Access Control Kernel (SMACK) was introduced. In 2009, a new solution called Tomoyo was included in Linux 2.6.30; like AppArmor, it also uses path-based access control.
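The path-versus-inode distinction above, as an added Python example that is not part of the article: two toy policy decisions, one keyed on the opened name (the AppArmor model) and one on the object's inode (the SELinux model), plus a lint an administrator can run to flag denied objects that a path-based profile also reaches under an allowed name. The temporary directory and file names are constructed for the demonstration.

```python
import os
import tempfile

def obj_id(path):
    """Identity of the object behind a name: what an inode-based model keys on."""
    st = os.stat(path)
    return (st.st_dev, st.st_ino)

def path_model_allows(allowed_paths, path):
    """Path-based decision, as an AppArmor profile rule: the name being opened must match."""
    return path in allowed_paths

def inode_model_allows(allowed_ids, path):
    """Inode-based decision, as with SELinux's labelled objects: the object itself must be allowed."""
    return obj_id(path) in allowed_ids

def aliased_denied_objects(allowed_paths, denied_paths):
    """Policy lint: (denied path, allowed path) pairs that are two names for one object."""
    by_id = {obj_id(p): p for p in denied_paths if os.path.exists(p)}
    return [(by_id[obj_id(a)], a) for a in allowed_paths
            if os.path.exists(a) and obj_id(a) in by_id and by_id[obj_id(a)] != a]

def demo():
    """Constructed scenario in a temp dir: a protected file and a second name linked to it."""
    with tempfile.TemporaryDirectory() as root:
        secret = os.path.join(root, "secret.conf")
        alias = os.path.join(root, "work", "notes.txt")
        os.mkdir(os.path.dirname(alias))
        with open(secret, "w") as f:
            f.write("token=example\n")
        os.link(secret, alias)   # one inode, two names: the case Yama's hard-link restriction addresses
        allowed_paths = {alias}  # the profile grants only the second name, never secret.conf
        allowed_ids = set()      # no label grants the object itself
        return {
            "path_model_via_alias": path_model_allows(allowed_paths, alias),   # True
            "inode_model_via_alias": inode_model_allows(allowed_ids, alias),   # False
            "lint_findings": aliased_denied_objects(allowed_paths, {secret}),  # [(secret, alias)]
        }
```

The lint is the check to run when a path-based profile guards a file whose directory is writable by the confined program, since that is where a second name can appear.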


Availability

AppArmor was first used in Immunix Linux from 1998 to 2003. At the time, AppArmor was known as SubDomain, a reference to the ability for a security profile for a specific program to be segmented into different domains, which the program can switch between dynamically. AppArmor was first made available in SLES and openSUSE, and was first enabled by default in SLES 10 and in openSUSE 10.1. In May 2005 Novell acquired Immunix, rebranded SubDomain as AppArmor, and began code cleaning and rewriting for inclusion in the Linux kernel. From 2005 to September 2007, AppArmor was maintained by Novell. Novell was taken over by SUSE, which is now the legal owner of the trademarked name AppArmor. AppArmor was first successfully ported/packaged for Ubuntu in April 2007. AppArmor became a default package starting in Ubuntu 7.10, and came as a part of the release of Ubuntu 8.04, protecting only CUPS by default. As of Ubuntu 9.04 more items such as MySQL have installed profiles. AppArmor hardening continued to improve in Ubuntu 9.10 as it ships with profiles for its guest session, libvirt virtual machines, the Evince document viewer, and an optional Firefox profile. AppArmor was integrated into the October 2010, 2.6.36 kernel release. AppArmor has been integrated into Synology's DSM since 5.1 Beta in 2014. AppArmor was enabled in Solus Release 3 on 2017/8/15. AppArmor is enabled by default in Debian 10 (Buster), released in July 2019. AppArmor is available in the official repositories for Arch Linux.


See also

* Linux Intrusion Detection System (LIDS)
* Systrace


External links

* AppArmor wiki (archived)
* AppArmor description from openSUSE.org
* LKML thread containing comments and criticism of AppArmor
* AppArmor packages for Ubuntu
* Counterpoint: Novell and Red Hat security experts face off on AppArmor and SELinux
* AppArmor Application Security for Linux