| Novell open sources major Linux security program |
Jan. 10, 2006
On Tuesday, Novell announced the creation of the AppArmor project, a new GPL open-source project dedicated to advancing Linux application security.
Novell Inc.'s AppArmor is an intrusion-prevention system that protects Linux and its applications from the effects of attacks, viruses and malicious applications.
AppArmor is based on technology that Novell acquired from Immunix, a leading provider of Linux host-based application security solutions for Linux, when it purchased the company in May 2005.
AppArmor works by "application containment." In this approach, the interactions between applications and users are monitored for possible security violations. This "has emerged as a favored way to protect applications from compromise and to protect applications from one another," observed Al Gillen, research director of system software at IDC when Novell acquired Immunix.
How these interactions are monitored is set by policies. The commercial version comes with predefined security policies for Web server applications such as the Apache Web server, the Postfix and Sendmail email servers, the MySQL DBMS (database management system), and the Samba file and print server.
Novell has donated the core components of its AppArmor framework to provide a foundation for the project. The GPLed code will be available on OpenSUSE.org, here.
The development community will be centered at its own Novell Forge site, here.
"With AppArmor technology now freely available under open source license, the community and our partners can both inspect and improve the technology for everyone," said Jeff Jaffe, Novell's executive vice president and CTO.
According to Novell, AppArmor protects critical data on Linux by making sure application flaws can't be exploited by attackers, easily protecting applications from intrusions and threats without forcing IT staff to rely on emergency patching. Novell's project provides security that is simple enough to achieve widespread adoption, instead of being switched off and ignored as often happens with complex access control systems like SE Linux.
Other industry Linux supporters are also excited about AppArmor's open-source release.
"Novell's move to open source AppArmor will help advance the state of the art of Linux and open source computing platforms," said OSDL (Open Source Development Lab) CEO Stuart Cohen.
"JBoss is pleased to see Novell creating such an important open source project to address a real-world need in enterprise Linux computing. We commend Novell for taking this crucial step and helping ensure open source is a safe choice for the enterprise," said JBoss Inc. product management VP Shaun Connolly in a statement.
SugarCRM Inc. chairman and CEO John Roberts added, " Application security and system protection are crucial to enterprise applications such as ours. Participating in the AppArmor project will help us provide business tools that customers can use in a secure environment with confidence."
Novell AppArmor is already being shipped and deployed on SUSE Linux 10.0, Novell's community Linux distribution and its SLES (SUSE Linux Enterprise Server) 9 Service Pack 3.
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
news feed