SUSE Linux administrators will have a choice in intrusion detection systems next year: They can use the complex, military-grade Security-Enhanced Linux, or SELinux or instead Novell Inc.'s simpler AppArmor security tool.

In response to some requests, the Waltham, Mass.-based company has decided to stop disabling SELinux within the Linux kernel, starting with the next version of OpenSUSE 11.1, which is expected in December, and SUSE Linux Enterprise 11 for servers and desktops which will follow in the first half of 2009.

But the change does not mean that Novell will back AppArmor any less. In fact, Novell will not offer support for SELinux. So users who try it are on their own, according to Holger Dyroff, Novell's vice president of product management for SUSE Linux.

"We had some demand from people who wanted to try out SELinux," Dyroff said. "But we still recommend AppArmor."

SELinux vs. AppArmor