AppArmor
E37339
AppArmor is a Linux kernel security module that confines programs to a limited set of resources using per-application security profiles to reduce the impact of vulnerabilities and attacks.
All labels observed (2)
| Label | Occurrences |
|---|---|
| AppArmor canonical | 9 |
| AppArmor project | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T286900 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: AppArmor Context triple: [Linux, supportsSecurityFeature, AppArmor]
-
A.
Armoury Chamber
The Armoury Chamber is a historic museum within Moscow's Kremlin that houses Russia's most treasured state regalia, ceremonial weapons, jewelry, and artifacts.
-
B.
Dracut
Dracut is a town in northeastern Massachusetts, United States, known for its suburban character and proximity to the city of Lowell.
-
C.
Continuous Diagnostics and Mitigation tools
Continuous Diagnostics and Mitigation tools are cybersecurity solutions that provide ongoing monitoring, vulnerability management, and risk assessment to help organizations strengthen and maintain their security posture.
-
D.
AppDynamics
AppDynamics is an application performance monitoring and observability company that provides tools to track, analyze, and optimize the performance of software applications and IT infrastructure.
-
E.
Defensive Aids Sub-System
The Defensive Aids Sub-System is an integrated electronic warfare and self-protection suite designed to detect, identify, and counter threats to the Eurofighter Typhoon FGR4.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: AppArmor Target entity description: AppArmor is a Linux kernel security module that confines programs to a limited set of resources using per-application security profiles to reduce the impact of vulnerabilities and attacks.
-
A.
Armoury Chamber
The Armoury Chamber is a historic museum within Moscow's Kremlin that houses Russia's most treasured state regalia, ceremonial weapons, jewelry, and artifacts.
-
B.
Dracut
Dracut is a town in northeastern Massachusetts, United States, known for its suburban character and proximity to the city of Lowell.
-
C.
Continuous Diagnostics and Mitigation tools
Continuous Diagnostics and Mitigation tools are cybersecurity solutions that provide ongoing monitoring, vulnerability management, and risk assessment to help organizations strengthen and maintain their security posture.
-
D.
AppDynamics
AppDynamics is an application performance monitoring and observability company that provides tools to track, analyze, and optimize the performance of software applications and IT infrastructure.
-
E.
Defensive Aids Sub-System
The Defensive Aids Sub-System is an integrated electronic warfare and self-protection suite designed to detect, identify, and counter threats to the Eurofighter Typhoon FGR4.
- F. None of above. chosen
Statements (70)
| Predicate | Object |
|---|---|
| instanceOf |
Linux security module
ⓘ
kernel security module ⓘ mandatory access control system ⓘ |
| advantage |
easier profile management
ⓘ
per-application configuration ⓘ |
| comparedTo | SELinux ⓘ |
| configurationFile | /etc/apparmor/parser.conf ⓘ |
| controls |
capabilities
ⓘ
execution of programs ⓘ file system access ⓘ mount operations ⓘ network access ⓘ ptrace permissions ⓘ signal permissions ⓘ |
| designApproach | path-based confinement ⓘ |
| developer |
Canonical Ltd.
ⓘ
Immunix ⓘ Novell ⓘ SUSE ⓘ |
| distributionSupport |
Arch Linux
ⓘ
Debian ⓘ Fedora Linux ⓘ
surface form:
Fedora
SUSE ⓘ
surface form:
SUSE Linux Enterprise
Ubuntu ⓘ openSUSE ⓘ |
| documentation | https://gitlab.com/apparmor/apparmor/-/wikis/home ⓘ |
| feature |
capability rules
ⓘ
complain mode ⓘ dbus rules ⓘ enforce mode ⓘ file path rules ⓘ hat subprofiles ⓘ learning mode ⓘ mount rules ⓘ network rules ⓘ profile abstractions ⓘ profile inheritance ⓘ profile stacking ⓘ profile templates ⓘ ptrace rules ⓘ signal rules ⓘ |
| implements | Linux Security Modules API ⓘ |
| introducedInMainlineKernelVersion | 2.6.36 ⓘ |
| kernelInterface | /sys/kernel/security/apparmor ⓘ |
| license | GNU General Public License ⓘ |
| logSource |
kernel audit subsystem
ⓘ
syslog ⓘ |
| operatingSystem | Linux ⓘ |
| primaryGoal |
application confinement
ⓘ
least privilege enforcement ⓘ mitigation of software vulnerabilities ⓘ |
| profileDirectory | /etc/apparmor.d ⓘ |
| securityModel |
mandatory access control
ⓘ
path-based access control ⓘ |
| sourceCodeRepository | https://gitlab.com/apparmor/apparmor ⓘ |
| supports |
confinement of containers
ⓘ
confinement of desktop applications ⓘ confinement of system services ⓘ profile mediation for individual binaries ⓘ |
| usedBy | Snap packages on Ubuntu ⓘ |
| usedFor |
reducing impact of application compromises
ⓘ
restricting access to system resources ⓘ |
| userSpaceTool |
aa-complain
ⓘ
aa-disable ⓘ aa-enforce ⓘ aa-genprof ⓘ aa-logprof ⓘ aa-status ⓘ apparmor_parser ⓘ |
| uses | per-application security profiles ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: AppArmor Description of subject: AppArmor is a Linux kernel security module that confines programs to a limited set of resources using per-application security profiles to reduce the impact of vulnerabilities and attacks.
Referenced by (10)
Full triples — surface form annotated when it differs from this entity's canonical label.