My experience with this subject is limited, but I’m interested in its relevance to real-world security for end users. So, there are two main MAC systems: SELinux and AppArmor. AppArmor seems easier to grasp than SELinux, which appears to be more powerful but incredibly complex – that’s the primary reason I’m here to ask about it. It’s quite difficult to wrap your head around it.
Fedora and OpenSuse seem to be the only distributions that come with an SELinux configuration; Ubuntu relies on AppArmor, while many distributions don’t ship with any MAC at all. As far as I understand these default configurations are rather trivial, do they make a real-world difference? Especially in comparison to systems without any MAC at all?