[apparmor] Addressing limitations in DAC

[Murali Selvaraj]

Hi All,

- I would like to understand limitations in DAC which are addressed in
Apparmor. Please share any simple examples to understand this query.
- Does command line injection (SECVUL) issue be addressed if we use
Apparmor?  If so, give a real time example for the reference.
- In other words, by restricting the system resource using Apparmor,
what are the major security leaks are we avoiding? Pls share
additional details if available.

Thanks
Murali.S