Novell Open Sources AppArmor

Crispin Cowan writes "Novell has announced the release of their AppArmor security system into open source. AppArmor is an application security system that confines programs, enforcing that they are permitted to do only what they are supposed to do, and nothing else. AppArmor is an LSM module that is an alternative to SELinux, but arguably much easier to use. Now in open source, AppArmor is included with every SUSE Linux distro, including openSUSE."

Translation please

[Crayon+Kid]

IRTFA.

But I suspect most of us will still need someone to put some things in plain English. I even read the "detailed description" and no go. Call me Dumbo.

*Is it kernel space or userspace?
*What's with those "3rd party config files"? If we wait for [all the] apps to catch up, good luck. See how "widely" the user home config file spec from FDO was implemented, and that one needs just an effort of good will.
*Isn't it a bit strange to let a 3rd app specify its own security config on YOUR machine's context?
*What exactly do they mean by "easy to use"? No, miles long text files where you have to write down what files each program can access are not "easy to use".