AppArmor set for inclusion in Linux kernel
James Morris, the maintainer of the Linux kernel's security subsystem, has integrated the kernel code for the AppArmor security extension into his development branch, which forms part of Linux-Next. Shortly afterwards, he announced that he also intends to send the code to Linus Torvalds for integration into the Linux 2.6.36 kernel. AppArmor can restrict applications to specific actions to prevent attackers who have, for instance, exploited a security hole in a server program, from gaining access to a system and causing major damage.
Four-and-a-half years after Novell made the AppArmor security extension available as open source code, it seems that, unless Torvalds decides to oppose such a move or the number of people who are against its integration increases, AppArmor will finally be integrated into the official kernel. Interestingly, it was Canonical developer John Johansen who got the AppArmor code to this level after the Novell developers had promoted its integration for several years without success. In 2008, Novell eventually abandoned the AppArmor team and, also in 2008, began to experiment with the SELinux alternative to AppArmor, whose main contributors are the NSA and Red Hat. Early this year, Johansen helped AppArmor development regain considerable momentum.