Security

SELinux: *the* Linux hardening mechanism
Becoming more comprehensive (packet labeling)
Admin tools to address complexity

AppArmor
Much simpler administration
Unpopular with some kernel developers
Path-based policies
Difficult path into kernel

Linux security module framework
Is SELinux the One True Security Framework?
LSM used to circumvent GPL-only restrictions
Might just be removed
...or significantly reworked