Securing Applications With AppArmor - SUSE 10.1
This week I'm going to take a look at making your PC workstation more secure by configuring AppArmor to work with some common applications.
In a nutshell, AppArmor is a security framework for applications. AppArmor prevents applications from performing undesirable actions and enforces good application behaviour. It can protect against flaws in applications that lead to exploits, even 0-day exploits.
AppArmor works at the kernel level by restricting applications to certain access and operations as defined by an application policy. In SUSE this is provided by a kernel module 'apparmor'. The policies themselves are text files outlining permissions and capabilities using very familiar UNIX like semantics.