According to Microsoft, the company was able to win over the brains behind the AppArmor Linux security system. Crispin Cowan now belongs to the core of the Windows Security Team that developed User Account Control (UAC) and integrity levels. What motivated Cowan to switch from open source to closed source is still unknown. Microsoft’s Michael Howard is exuberant about his intelligent, open and “brutally pragmatic” colleague in his Microsoft blog.
In October of last year, Novell parted with Cowan and five other AppArmor developers, who had been brought on board in mid-2005 following the company’s acquisition of Immunix, which included AppArmor. AppArmor safeguards access by processes to system objects such as files and network ports by adding a control layer to the Linux kernel. You can specify via capabilities whether a program is allowed to open network sockets. This is intended to limit the effects of a breach in the system.
Novell repeatedly attempted to integrate app armor into the official Linux kernel maintained by Linus Torvalds, but came up against resistance in the developer community. The community’s reservations were primarily aimed at the process of identifying files by their names. Currently, Suse, Ubuntu, and Mandriva all use AppArmor. Red Hat uses SELinux.
After his departure, Crispin Cowan had planned to continue work on AppArmor with some of his colleagues – including Steve Beattie and Dominic Reynolds, whom Novell had also sacked – in a new consulting firm. It is still unclear whether Cowan plans to continue developing AppArmor parallel to his duties at Microsoft or he will discontinue work on it, or whether one of the big distributors will take over further development. Heise Security has yet to receive a response to an inquiry made of Cowan.