I installed AppArmor, but as far as I understand it, it doesn’t do anything unless I manually add rules for every program. I’m not sure, whether my impression is correct, but from what I understand, this would be hours, if not even days of work. As far as I understand it, SE-Linux would be even worse. Is there a way to make this easier?
There is a package of premade apparmor profiles in the AUR. You also need a kernel with apparmor support enabled. I think it is not that hard to get a working apparmor config on EOS/Arch.
As for selinux, my opinion is if you want to run that you are better off using a distro that is instrumented for it out of the box like Fedora.
8 Likes