tool

AppArmor

AppArmor (Application Armor) is a Linux kernel security module that provides mandatory access control (MAC) by confining programs to a limited set of resources. It uses security profiles to define what files, capabilities, and network access an application is allowed, enhancing system security by restricting potential attack surfaces. Unlike traditional discretionary access control, AppArmor enforces policies at the application level, making it easier to deploy and manage than other MAC systems like SELinux.

Also known as: Application Armor, Apparmor, App Armor, AA, Linux AppArmor
🧊Why learn AppArmor?

Developers should learn AppArmor when building or deploying applications on Linux systems that require enhanced security, such as servers, containers, or IoT devices, to mitigate risks from vulnerabilities or malicious code. It is particularly useful for confining web servers, databases, or custom applications to prevent privilege escalation and limit damage from breaches. Use cases include securing Docker containers, hardening Ubuntu servers, and compliance with security standards like CIS benchmarks.

Compare AppArmor

AppArmor vs SelinuxAppArmor vs GrsecurityAppArmor vs Seccomp

Learning Resources

📄
AppArmor Documentation
docs
📝
Ubuntu AppArmor Tutorial
tutorial
🎓
Linux Academy: AppArmor Course
course
🎬
YouTube: AppArmor Explained
video
📚
Book: 'Linux Security Cookbook' by Daniel J. Barrett
book

Related Tools

Linux SecurityMandatory Access ControlSelinuxDocker SecurityUbuntu

Alternatives to AppArmor

SelinuxGrsecuritySeccomp