April 26, 2019

Linux Kernel 2.6.36 Gets AppArmor

Ubuntu Succeeds where Novell Failed

  • October 21, 2010
  • By Sean Michael Kerner
Sean Michael Kerner

After years of being outside of the mainline, the AppArmor security system is now finally part of the main Linux kernel.

Linux founder Linus Torvalds formally released the 2.6.36 kernel this week nearly three months after the release of the 2.6.35 kernel.

AppArmor has been in use by Linux distributions since at least 2006 when Novell first open sourced the code as a rival option to SELinux which has been championed by Red Hat. Ubuntu picked up AppArmor in 2007 with the 7.10 Gutsy Gibbon release.

Over the years, Novell had tried to get AppArmor into the mainline Linux kernel, though in the end it was Ubuntu that led the successful charge to that got AppArmor into the 2.6.36 kernel.

"Canonical is committed to AppArmor's development and to that end in order to do it properly it needed to go upstream," Pete Graner, Manager of the Ubuntu Kernel at Canonical told InternetNews.com. "I wouldn't call that a victory, it's the right thing to do."

Graner noted that AppArmor is a fit with Ubuntu's core philosophy of trying to be simple and powerful. As to why Ubuntu engineers were successful in getting AppArmor into the Linux kernel, Graner has a few ideas.

"There were attempts by Novell in the past but they seemed to stall," Graner said. "We were careful to address upstream concerns and be responsive to feedback."

Red Hat Sticks With SELinux

For Red Hat, which has been leading the SELinux effort since at least 2004, the inclusion of AppArmor in the mainline Linux kernel will not impact their strategy.

"The fact that SELinux has been fully integrated into the upstream kernel for many years while AppArmor has remained on the periphery gives good indication of broader Linux community acceptance," Tim Burke, vice president, Linux Engineering at Red Hat told InternetNews.com. "Enterprise customers and government entities seeking the highest levels of Linux security have embraced SELinux. Red Hat remains fully committed to SELinux and has no intentions to switch to an AppArmor model."

Most Popular LinuxPlanet Stories