Skip to content

Latest commit

 

History

History
executable file
·
16 lines (8 loc) · 786 Bytes

File metadata and controls

executable file
·
16 lines (8 loc) · 786 Bytes

AppArmor

In this section, we will take a look at AppArmor.

  • AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths.

  • AppArmor is installed by default on the most Linux distribution.

    systemctl status apparmor

  • AppArmor confinement is provided via profiles loaded into the kernel. AppArmor can be set to either enforce the profile or complain when profile rules are violated.

    apparmorProfiles