Novell delivers security shield for Linux computers

Open-source AppArmor tool promises to help fend off intruders by putting restrictions on software that's running.

Novell plans to release software on Tuesday that is designed to make it harder for new attacks to compromise existing Linux-based computers.

The software, called AppArmor, is one of several products in the security realm based on the idea of mandatory access controls. The technology limits a running software program's privileges only to those absolutely necessary.

Novell's chief rival, Red Hat, has been adding such features into its product through the use of SELinux , added to Red Hat Enterprise Linux in 2005 .

The AppArmor software is available for download and will be integrated into OpenSuse on Jan. 19, Novell said. It's based on software Novell obtained when it bought Immunix, a Linux security company, in 2005 .

AppArmor lets an administrator create a profile that describes which files a given application may use. The software then enforces that profile. Consquently, if a remote attacker takes over that application, it's more difficult for the attacker to use the application for malicious purposes, such as taking over the entire computer.

Novell argues that AppArmor is "much easier to use than SELinux," according to the project's Web site. Policy generation is automated, configuration can be handled through Suse's YAST tool, Novell said. In addition, the performance penalty--a measure of the effect of the software on a system's performance--ranges from 0 percent to 2 percent compared with SELinux's 7 percent, the company added.

AppArmor is being released under the General Public License , or GPL, Novell said.

Tags:
Security
About the author

Stephen Shankland has been a reporter at CNET since 1998 and covers browsers, Web development, digital photography and new technology. In the past he has been CNET's beat reporter for Google, Yahoo, Linux, open-source software, servers and supercomputers. He has a soft spot in his heart for standards groups and I/O interfaces.

 

Discuss Novell delivers security shield for Linux...

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Articles from CNET
Texting while strolling makes you walk funny, study confirms