What is a difference between AppArmor and SELinux?

• A. AppArmor is implemented in user space only; SELinux is a Linux Kernel Module.
• B. AppArmor is more complex and harder to configure than SELinux.
• C. AppArmor requires specific configuration; SELinux does not.
• D. SELinux does not store information in extended file attributes; AppArmor does.

Answer: (A)

AppArmor is indeed implemented primarily in user space, providing a simpler and more user-friendly approach to access control by using easy-to-read profiles. These profiles define the permissions for applications, allowing for effective confinement without deep diving into kernel-level complexity. In contrast, SELinux (Security-Enhanced Linux) operates as a Linux kernel module, integrating tightly with the kernel to enforce the security policy at a more granular level and often requiring a more intricate configuration process.

This distinction highlights how different security frameworks prioritize compatibility and usability versus a robust security model deeply integrated with the operating system’s kernel. The clarity provided by AppArmor's user-space configuration is one of its selling points and allows less experienced users to implement security policies without extensive knowledge of the Linux kernel. Conversely, SELinux's kernel-level integration typically leads to a steeper learning curve but offers greater flexibility and security capabilities for advanced users.