Is its intended audience aware of its limitiations? Lars has just
acknowledged that it does not implement mandatory access control, for one.
Until people understand these issues, they certainly need to be addressed
in the context of upstream merge.
I don't believe that people at the summit were adequately informed on the
issue, and from several accounts I've heard, Stephen Smalley was
effectively cut off before he could even get to his second slide.
Keep in mind that this current thread arose from Greg KH asking about
whether AppArmor could effectively be implemented via SELinux and
Some of us took the time to perform analysis and then provide feedback on
this, in good faith.
The underlying issues only came up again in response to an inflammatory
post by Lars. If you want to avoid discussions of AppArmor's design, then
I suggest taking it up with those who initiate them.