Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview

On 4/26/06, Neil Brown <[email protected]> wrote:
>
> I feel we have reached the stage where the questions/comments being
> made are actually directly relevant to AppArmor.  I'm afraid I cannot
> proceed any further now because I am not a security expert.
>
> I would like to summarise what I think are the key points that you
> have raised, and hope that someone who has a deeper understanding of
> these things might answer them, or point to answers.
>
> 1/ Does AppArmor's primary mechanism of confining an application to a
>   superset of it's expected behaviour actually achieve its secondary
>   gaol of protecting data?
>
>   Possibly it would be better to ask "When does ..."  as I think it is
>   easy to imagine application/profile pairs that clearly cannot allow
>   harm, and application/profile pairs that clearly could allow harm.

Depends on the data. A properly constrained Apache webserver would be
prevented from accessing data it shouldn't.

> 2/ What advantages does AppArmor provide over techniques involving
>    virtualisation or gaol mechanisms?  Are these advantages worth
>    while?

If you just wish to run every application in a chrooted jail. Would
you still need a MAC solution?

> 3/ Is AppArmour's approach of using d_path to get a filename from a
>    dentry valid and acceptable?  If not, how can it get a path?  Can
>    suitable hooks be provided so that AppArmor can get a path in an
>    acceptable way at the times when that is meaningful?

I'll leave this for the others...

> I believe that these are all good questions.  The last one is the only
> one that it really relevant to linux-kernel I believe, however answers
> to the first two might tell us how important it is to answer that last
> one.
>
> Thanks for your input.
>
> NeilBrown
>
[snipped]

-Ken
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Stephen Smalley <[email protected]>
- Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Andi Kleen <[email protected]>

References:
- [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Tony Jones <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Chris Wright <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Stephen Smalley <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Chris Wright <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Stephen Smalley <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Neil Brown <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Stephen Smalley <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Neil Brown <[email protected]>
- Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Stephen Smalley <[email protected]>
- Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
  - From: Neil Brown <[email protected]>

Prev by Date: Re: [2.6.16.11] Xircom RealPort RBEM56G-100 link change issue
Next by Date: Re: [dm-devel] [RFC] dm-userspace
Previous by thread: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
Next by thread: Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]