« Back to Linux security frameworks

AppArmor

AppArmor is the profile-based security security framework and available on many Debian-based distributions. In this article we look at the basics of this security framework, its purpose and features.

History

AppArmor was developed by Canonical Ltd. and therefore included in their own Ubuntu distribution. included in Ubuntu and other Debian-based distributions

What is AppArmor?

AppArmor is a profile-based MAC framework. As the name implies, profiles are used that focus on simplifying security management. This is done by using application-level confinement. Unlike SELinux, which uses a system-wide policy approach, AppArmor employs profiles that define the allowed behaviors of individual applications or processes.

Main features

  • Profile-Based Confinement: AppArmor profiles specify the allowed behaviors and access permissions for individual applications, reducing the attack surface and limiting potential security breaches.
  • Simplified Configuration: AppArmor offers a relatively straightforward configuration process, making it accessible to administrators with varying levels of expertise.
  • Integration with Package Management: AppArmor profiles can be automatically generated or augmented based on information provided by package maintainers, streamlining the security configuration process.

Feedback

Small picture of Michael Boelen

This article has been written by our Linux security expert Michael Boelen. With focus on creating high-quality articles and relevant examples, he wants to improve the field of Linux security. No more web full of copy-pasted blog posts.

Discovered outdated information or have a question? Share your thoughts. Thanks for your contribution!

Mastodon icon