[ubuntu-hardened] SELinux versus Apparmor

Magnus Runesson mr-ubuntu at linuxalert.org
Sat Feb 18 12:41:26 GMT 2006

I was eading the Dapper Development Status 09 February 2006 and saw
that SE-Linux was blocked. I asked the following question on the
ubuntu-devel-list, but was recommended to ask here instead.

I have had some thoughts about SELinux and Apparmor for a while.

SELinux is a very advanced framework to control different permissions
with. I have tried to learn to use it but gave up since its to hard to
set up rules for new applications.

When Novell released Apparmor I read about it and it seems much easier
to configure and manage. For you that have not heard about it, take a
look at: http://en.opensuse.org/Apparmor

For a while we had have plans at my work to hardening all our server
applications with SELinux, but gave up. It was to hard. We have no
started considering giving Apparmor a try, since we think that may be

>From my point of you it is important that security mechanisms are pretty
transparent for the users, and easy to manage for the administrators.

Have anyone else had the thought to use AppArmor instead of SELinux in


Magnus Runesson <mr-ubuntu at linuxalert.org>

More information about the ubuntu-hardened mailing list