The software maker decided against adopting security modifications to the Linux kernel developed by the National Security Agency, known as SE Linux, because of the system is extremely difficult to configure. Instead, the Waltham, Mass. firm developed a framework for restricting applications known as AppArmor, which it released as an open-source project in January.
"We looked at SE Linux as a technology and we couldn't figure out how someone who didn't have a PhD could configure it," said Holger Dyroff, vice president of product management for Novell. "We are insisting that security be easy."
At LinuxWorld, Novell discussed the security additions that appear in its latest version of desktop Linux, SuSE Linux Enterprise Desktop (SLED), which the company released last month. However, most of the discussion focused on AppArmor, a system that allows administrators and users to set restrictions on certain applications.
In Novell SLED, AppArmor has profiles for the 30 most problematic components of Linux--those that have system-level access, or "root," and connect to the Internet. Another 80 or so profiles exist that administrators can modify for other high-risk applications.
Posted by: Robert Lemos