1.0 Immunizing Programs

NovellĀ® AppArmor provides immunization technologies that protect SUSE Linux applications from the inherent vulnerabilities they possess. After installing Novell AppArmor, setting up Novell AppArmor profiles and rebooting the computer, your system becomes immunized because it begins to enforce the Novell AppArmor security policies. Protecting programs with Novell AppArmor is referred to as immunizing.

Novell AppArmor sets up a collection of default application profiles to protect standard Linux services. To protect other applications, use the Novell AppArmor tools to create profiles for the applications that you want protected. This chapter introduces you to the philosophy of immunizing programs. Proceed to Section 3.0, Building Novell AppArmor Profiles if you are ready to build and manage Novell AppArmor profiles.

Novell AppArmor provides streamlined access control for network services by specifying which files each program is allowed to read, write, and execute. This ensures that each program does what it is supposed to do and nothing else.

Novell AppArmor is host intrusion prevention, or a mandatory access control scheme, that is optimized for servers. Previously, access control schemes were centered around users because they were built for large timeshare systems. Alternatively, modern network servers largely do not permit users to log in, but instead provide a variety of network services for users, such as Web, mail, file, and print. Novell AppArmor controls the access given to network services and other programs to prevent weaknesses from being exploited.