Can anyone give a real life example of where SELinux saved their security bacon? (or AppArmour if you wish). If not your own, a pointer to someone with a credible experience?
Not a lab test, not a white paper, not a best practice, not a CERT advisory, but a real example, something like audit2why showing a real hacking attempt stopped in its tracks?
(If you have no example, please keep commentary in comments instead of Answers.)
Thanks!