Apparmor vs selinux - which should be used?

658    Asked by ankur_3579 in Cyber Security , Asked on Sep 26, 2022

I was reviewing several different comparisons of AppArmor and SELinux which include:

Why I Like AppArmor More Than SELinux

SELinux and AppArmor: An Introductory Comparison

From these articles I conclude that AppArmor is better than SELinux based on AppArmor is far less complex and far shorter learning curve. Thus the majority of comparisons are in favor of AppArmor but how can I say that AppArmor is more secure than SELinux?



Answered by Anne Bell

apparmor vs selinux


These security systems provide tools to isolate applications from each other... and in turn isolate an attacker from the rest of the system when an application is compromised.

SELinux rule sets are incredibly complex but with this complexity you have more control over how processes are isolated. Generating these policies can be automated. A strike against this security system is that it's very difficult to independently verify.

AppArmor (and SMACK) is very straight forward. The profiles can be hand written by humans, or generated using aa-logprof. AppArmor uses path based control, making the system more transparent so it can be independently verified.



Your Answer

Interviews

Parent Categories