option

security.apparmor.killUnconfinedConfinables

Whether to enable killing of processes which have an AppArmor profile enabled (in ) but are not confined (because AppArmor can only confine new processes).

This only sends a graceful SIGTERM signal to the processes, not a SIGKILL.

Beware that due to a current limitation of AppArmor, only profiles with exact paths (and no name) can enable such kills.
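
A dry-run check for the situation this option addresses, as an added example (not NixOS module code): it lists processes that are unconfined although a loaded exact-path profile matches their executable, without signalling them. It assumes the standard kernel interfaces `/sys/kernel/security/apparmor/profiles` and `/proc/<pid>/attr/current`; the matching rule approximates the description above, and the sample data is constructed.

```python
import os

GLOB_CHARS = set("*?[{")  # AppArmor pattern characters: such a name is not an exact path

def exact_path_profiles(profiles_text):
    """Profile names ("name (mode)" per line) that are plain absolute paths."""
    names = set()
    for line in profiles_text.splitlines():
        name = line.rsplit(" (", 1)[0].strip()
        # Skip named profiles, child profiles ("parent//child") and glob attachments.
        if name.startswith("/") and "//" not in name and not GLOB_CHARS & set(name):
            names.add(name)
    return names

def unconfined_confinables(profiles_text, processes):
    """processes: iterable of (pid, exe_path, attr_current). Returns sorted [(pid, exe)]."""
    exact = exact_path_profiles(profiles_text)
    return sorted((pid, exe) for pid, exe, label in processes
                  if label.strip() == "unconfined" and exe in exact)

def live_processes():
    """Yield (pid, exe, label) from /proc; run as root to see every process."""
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            exe = os.readlink(f"/proc/{entry}/exe")
            with open(f"/proc/{entry}/attr/current") as fh:
                label = fh.read()
        except OSError:
            continue  # kernel thread, exited process, or permission denied
        yield int(entry), exe, label

# Constructed sample data (paths and PIDs are illustrative only).
SAMPLE_PROFILES = ("/usr/bin/ping (enforce)\n"
                   "/usr/lib/firefox/firefox{,-bin} (complain)\n"
                   "named-profile (enforce)\n")
SAMPLE_PROCESSES = [
    (101, "/usr/bin/ping", "unconfined\n"),               # started before profile load
    (102, "/usr/bin/ping", "/usr/bin/ping (enforce)\n"),  # already confined
    (103, "/usr/lib/firefox/firefox", "unconfined\n"),    # profile is a glob, not exact
    (104, "/usr/bin/sleep", "unconfined\n"),              # no profile at all
]

if __name__ == "__main__":
    try:
        with open("/sys/kernel/security/apparmor/profiles") as fh:
            profiles, procs = fh.read(), live_processes()
    except OSError:  # not root, or AppArmor not loaded: fall back to the sample
        profiles, procs = SAMPLE_PROFILES, SAMPLE_PROCESSES
    for pid, exe in unconfined_confinables(profiles, procs):
        print(f"{pid}\t{exe}")
```

Running it before switching the option to `true` shows which long-running services would receive the SIGTERM and need a restart plan.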

Declarations
Type: boolean
Default: false
Example: true