[apparmor] openSUSE Summit

Tue Apr 3 15:47:52 UTC 2012

Hi,
it is possible for me to attend.
in addition to what has been highlighted above I  can give a brief
summary on what has bee happening and how security will most likely
go.
I can also do a hands on how to use the tool in various environments.
We use it here in the university I attend so I think it is something I
should be able to do easily.

but I can prepare something that we can have ready and go through even
on a skype meeting to make sure things are clear then from there we
know for sure what I am going to do there.

what do you guys think.?

thanks.

Frankie Onuonga

On 4/3/12, Christian Boltz <apparmor at cboltz.de> wrote:
> Hello,
>
> Am Montag, 2. April 2012 schrieb John Johansen:
>> On 03/31/2012 02:00 AM, Christian Boltz wrote:
>> > maybe you have already heard that the openSUSE Summit will take
>> > place  from September 21-23, 2012 in Orlando Florida.
>>
>> Christian out of curiousity what kind of workshop, would you have run?
>>
>> I am assuming a more hands on style tutorial right?
>
> I didn't think about it too much yet, but I'd say a mix of a talk and a
> hands-on would make sense.
>
> First explain the most important permissions (r, w, ix, mr, Px, Ux, ...)
> to give everybody a basic understanding. This (more or less
> automatically) includes reading one of the profiles in /etc/apparmor.d/
> (Doing a hands-on without explaining the basics first doesn't make sense
> IMHO.)
>
> I gave a talk about AppArmor at LinuxTag 2009 - it took about 30 minutes
> including two live demos:
>
> a) create a profile for a very simple "hello world" script
>
> #!/bin/bash
> echo "Hello World!" > /tmp/hello.txt
> cat /tmp/hello.txt
> rm /tmp/hello.txt
>
> Then try to exploit the script (anyone knows how to do that? ;-) and
> show how apparmor denies the exploit ;-)
>
> b) profiling vsftpd
>
> The usual thing: run genprof, start and stop vsftpd, update the profile.
> Then upload a file and update the profile again.
>
>
> For the openSUSE Summit, I'd replace part b) with the hands-on and let
> everybody choose what he/she wants to profile.
>
> I can provide my slides if you are interested - but I won't include them
> in this mail to keep the question from a) interesting *eg*
> The slides are in german, maybe I'll find some time to translate them.
> I'm thinking about giving a similar workshop at the openSUSE conference
> in Prague (in october), so I have to do it anyway.
>
> The funny part is that I could just take the slides and give a talk
> today - the only needed change is the removal of "set capabilities" ;-)
> (and of course some of the newer features are not included, but maybe
> that would be too much in a talk targeted at apparmor newbies.)
>
>> It would be really
>> good if we could have someone from the community be there
>> representing the project, so we will be kicking around ways for this
>> to happen and should work towards putting together a proposal that
>> someone could present.
>
> I'd say Frankie volunteered ;-) - but nobody will object if more people
> visit the openSUSE summit.
>
>
> And just as a reminder:
>
>> > Feel free to forward the CfP to a more broader audience in the
>> > Ubuntu world ;-)
>
>
> Regards,
>
> Christian Boltz
> --
> [ls] Das ist ein kleiner Ludwig, gefolgt von einem kleinen Siegfried
> (zwei muntere Recken, die auszogen, den Drachen zu schrecken).
> Keine Ida, denn Burgfräulein haben in Heldenrunden nix verloren.
> [Philipp Zacharias in suse-linux]
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>