{"description": "Many security vulnerabilities result from bugs in trusted programs. A trusted\nprogram runs with privileges that attackers want to possess. The program fails\nto keep that trust if there is a bug in the program that allows the attacker to\nacquire said privilege.\n<br /><br />\nAppArmor\u00ae is an application security solution designed specifically to apply\nprivilege confinement to suspect programs. AppArmor allows the administrator to\nspecify the domain of activities the program can perform by developing a\nsecurity profile. A security profile is a listing of files that the program may\naccess and the operations the program may perform. AppArmor secures\napplications by enforcing good application behavior without relying on attack\nsignatures, so it can prevent attacks even if previously unknown\nvulnerabilities are being exploited.", "warnings": [], "requires": [], "conflicts": [], "values": ["var_apparmor_mode"], "groups": {}, "rules": ["all_apparmor_profiles_enforced", "all_apparmor_profiles_in_enforce_complain_mode", "apparmor_configured", "grub2_enable_apparmor", "package_apparmor-utils_installed", "package_apparmor_installed", "package_pam_apparmor_installed"], "platform": "machine", "platforms": ["machine"], "inherited_platforms": [], "cpe_platform_names": ["machine"], "title": "AppArmor", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/apparmor/group.yml"}