SDB:TOMOYO Linux
It has no impact on users who do not wish to enable it, except a slightly larger kernel.
TOMOYO Linux is rather easy to configure, in a fashion that is much more similar to AppArmor than to SElinux It has a learning mode, as AppArmor has The project is actively maintained, and we have the ear and support of the TOMOYO project manager and developers
Why TOMOYO and not AppArmor ?
A legitimate question, as we do have AppArmor support in openSUSE already, and several key packages already ship with AppArmor profiles.
TOMOYO goes beyond the level of security that AppArmor provides: It provides deeper protection than AppArmor does
TOMOYO allows users to protect the entire system if users wishes so.
Userland tools are already available, we're merely lacking the TOMOYO 2.x to be enabled in our kernel.
Tracking: