What is the difference between AppArmor vs Selinux?
I have been reviewing a couple of comparisons between AppArmor vs SELinux including:
SELinux SELinux and AppArmor: An Introductory Comparison
I concluded that AppArmor when compared to SELinux. Based on the ease AppArmor are a far less complex and far shorter learning curve. Ergo, the majority of comparisons are in favor of AppArmor but how can I say that AppArmor is more secure than SELinux when we compare AppArmor vs SELinux?
When comparing AppArmor vs SELinux, both security systems provide tools to isolate applications from each other. And in turn, isolate an attacker from the rest of the system when an application is compromised.
SELinux rule sets are highly complex but with this complexity, you have more control over how processes are isolated. Generating these policies can be automated. A strike against this security system, when comparing Apparmor vs SELinux is that it's very difficult to independently verify.
AppArmor (and SMACK) is very straightforward. The profiles can be handwritten by humans or generated using aa-logprof. AppArmor uses path-based control, making the system more transparent so it can be independently verified.