AppArmor is a kernel enhancement to confine programs to a limited set of resources. AppArmor's unique security model is to bind access control attributes to programs rather than to users. AppArmor confinement is provided via profiles loaded into the kernel via apparmor_parser, typically through the /etc/init.d/apparmor SysV initscript (on Ubuntu, Follow the below link for details), which is used like this: # /etc/init.d/apparmor start # /etc/init.d/apparmor stop # /etc/init.d/apparmor restart # sudo apparmor_status AppArmor can operate in two modes: enforcement, and complain or learning: enforcement - Profiles loaded in enforcement mode will result in enforcement of the policy defined in the profile as well as reporting policy violation attempts to syslogd. complain - Profiles loaded in "complain" mode will not enforce policy. Instead, it will report policy violation attempts. This mode is convenient for developing profiles. To manage complain mode for i...
Free Hosting & Email Solutions for Application Developer