A Novell® AppArmor profile represents the security policy for an individual program instance or process. It applies to an executable program, but if a portion of the program needs different access permissions than the rest of it, the program can change hats, switching to a different security context whose access is distinct from that of the main program. This context is known as a hat or subprofile.
ChangeHat enables programs to change to or from a hat
within a Novell AppArmor profile. It enables you to define security at a finer level
than the process.
This feature requires that each application be made ChangeHat aware, meaning that it is modified to make a request to the Novell AppArmor module to switch security domains at arbitrary times during its execution. The request carries a secret token chosen by the application; leaving the hat again requires presenting the same token, so code running inside the hat cannot regain the parent profile's permissions unless it knows that token. Two examples of ChangeHat aware applications are the Apache Web server and Tomcat.
A profile can have an arbitrary number of subprofiles, but there are only two levels: a subprofile cannot have further sub-subprofiles. A subprofile is written as a separate profile and named as the containing profile followed by the subprofile name, separated by a ^ (parent^hat). Subprofiles must be stored in the same file as the parent profile.
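The naming and nesting rules above are easy to get wrong when hats are hand-edited, so the following is an added example (not code from the Novell AppArmor project or its documentation) of a small checker that reads a profile file in the flat parent^hat form the text describes and reports hats with a missing parent in the same file or with more than two levels. The sample profile text is constructed for illustration; the profile path, hat names and rules in it are assumptions, not part of the original page.

```python
"""Check hat (subprofile) naming rules in an AppArmor profile file.

Rules enforced, taken from the text above:
  * a hat is named parent^hat, where parent is the containing profile;
  * the parent profile must appear in the same file;
  * only two levels exist, so parent^hat^subhat is not allowed.
"""
import re
from typing import List

# Constructed sample profile (hypothetical path and hat names): a parent
# profile with two hats written in the flat "parent^hat" form.
SAMPLE_PROFILE = """\
/usr/sbin/httpd {
  /usr/sbin/httpd mr,
  /etc/httpd/** r,
}

/usr/sbin/httpd^DEFAULT_URI {
  /var/www/html/** r,
}

/usr/sbin/httpd^phpsysinfo {
  /var/www/html/phpsysinfo/** r,
  /proc/** r,
}
"""

# Constructed sample that breaks both rules: a three-level name and a hat
# whose parent profile is not in this file.
BAD_PROFILE = """\
/usr/sbin/httpd {
  /usr/sbin/httpd mr,
}

/usr/sbin/httpd^site^admin {
  /var/www/admin/** r,
}

/usr/bin/orphan^hat {
  /tmp/** r,
}
"""

# A profile header is a path or name at column 0 followed by an opening
# brace (flags or other attributes may sit between them).
PROFILE_HEADER = re.compile(r'^(\S+).*\{\s*$')


def profile_names(text: str) -> List[str]:
    """Return the names of all top-level profile blocks in the file."""
    names: List[str] = []
    depth = 0  # brace nesting depth; headers only count at depth 0
    for line in text.splitlines():
        stripped = line.split('#', 1)[0].strip()  # drop comments
        if not stripped:
            continue
        if depth == 0:
            match = PROFILE_HEADER.match(stripped)
            if match:
                names.append(match.group(1))
        depth += stripped.count('{') - stripped.count('}')
    return names


def hats_of(text: str, parent: str) -> List[str]:
    """Return the hat names declared for the given parent profile."""
    prefix = parent + '^'
    return [n[len(prefix):] for n in profile_names(text)
            if n.startswith(prefix) and n.count('^') == 1]


def check_hats(text: str) -> List[str]:
    """Return a list of rule violations; an empty list means the file is OK."""
    names = profile_names(text)
    parents = {n for n in names if '^' not in n}
    problems: List[str] = []
    for name in names:
        if '^' not in name:
            continue
        parts = name.split('^')
        if len(parts) != 2 or not parts[1]:
            problems.append(f"{name}: hats have exactly two levels (parent^hat)")
            continue
        parent, _hat = parts
        if parent not in parents:
            problems.append(f"{name}: parent profile {parent} is not in this file")
    return problems


if __name__ == '__main__':
    for label, text in (('good', SAMPLE_PROFILE), ('bad', BAD_PROFILE)):
        print(label, check_hats(text) or 'OK')
```

The checker only understands the flat parent^hat layout described on this page; it deliberately does not try to interpret the rules inside each block, since the point is the naming and placement constraints on hats rather than the policy itself.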
NOTE: For More Information
For more information, see the change_hat man page.