AppArmor

AppArmor is a MAC (Mandatory Access Control) system, implemented upon LSM (Linux Security Modules).

Patches
While the Linux kernel already supports AppArmor natively, the userspace utilities depend on a number of patches produced by the AppArmor developers that have not yet been accepted upstream. Depending upon the version of the kernel you are using, the patches are included in the AppArmor tarball, or can be found in version-specific git branches.

These patches do not apply cleanly to so a rebased version for the latest kernel is provided for convenience.

Configuration
You need to activate the following kernel options:

Note that the Enable AppArmor 2.4 compatability option will only be available if you are using the kernel patches.

Software
A number of packages are availabine in the hardened-dev [[overlay]:


 * - the core library to support the userspace utilities
 * - the profile parser and init script (required)
 * - additional userspace utilities to assist with profile management (recommended)
 * - a collection of pre-build profiles contributed by the AppArmor community

GRUB and GRUB2
or

You should apply changes running

(optionally) Adding entry in fstab

Boot service
Adding it to boot runlevel:

Securing Skype
Put provided below as file to. Don't forget modifying it for yourself.