[apparmor] openSUSE Summit

John Johansen john.johansen at canonical.com
Tue Apr 3 20:56:08 UTC 2012 

On 04/03/2012 08:47 AM, Frankie Onuonga wrote:
> Hi,
> it is possible for me to attend.
> in addition to what has been highlighted above I  can give a brief
> summary on what has bee happening and how security will most likely
> go.
> I can also do a hands on how to use the tool in various environments.
> We use it here in the university I attend so I think it is something I
> should be able to do easily.
> 
> but I can prepare something that we can have ready and go through even
> on a skype meeting to make sure things are clear then from there we
> know for sure what I am going to do there.
> 
> what do you guys think.?
> 
Hi Frankie,

this is great, I'll stop worrying now about getting some one to this then.

So I know I have old slides and Christian has some slides from past
presentations and tutorials.  Don't feel like you have to use any of this
material, just that there is stuff you can draw from if you want.

If you want any help I am certainly willing and I am pretty sure there will
be others as well.  We can coordinate via, irc, email, skype what ever
works best at any given time.

thanks for doing this
john




> thanks.
> 
> Frankie Onuonga
> 
> 
> On 4/3/12, Christian Boltz <apparmor at cboltz.de> wrote:
>> Hello,
>>
>> Am Montag, 2. April 2012 schrieb John Johansen:
>>> On 03/31/2012 02:00 AM, Christian Boltz wrote:
>>>> maybe you have already heard that the openSUSE Summit will take
>>>> place  from September 21-23, 2012 in Orlando Florida.
>>>
>>> Christian out of curiousity what kind of workshop, would you have run?
>>>
>>> I am assuming a more hands on style tutorial right?
>>
>> I didn't think about it too much yet, but I'd say a mix of a talk and a
>> hands-on would make sense.
>>
>> First explain the most important permissions (r, w, ix, mr, Px, Ux, ...)
>> to give everybody a basic understanding. This (more or less
>> automatically) includes reading one of the profiles in /etc/apparmor.d/
>> (Doing a hands-on without explaining the basics first doesn't make sense
>> IMHO.)
>>
>> I gave a talk about AppArmor at LinuxTag 2009 - it took about 30 minutes
>> including two live demos:
>>
>> a) create a profile for a very simple "hello world" script
>>
>> #!/bin/bash
>> echo "Hello World!" > /tmp/hello.txt
>> cat /tmp/hello.txt
>> rm /tmp/hello.txt
>>
>> Then try to exploit the script (anyone knows how to do that? ;-) and
>> show how apparmor denies the exploit ;-)
>>
>> b) profiling vsftpd
>>
>> The usual thing: run genprof, start and stop vsftpd, update the profile.
>> Then upload a file and update the profile again.
>>
>>
>> For the openSUSE Summit, I'd replace part b) with the hands-on and let
>> everybody choose what he/she wants to profile.
>>
>> I can provide my slides if you are interested - but I won't include them
>> in this mail to keep the question from a) interesting *eg*
>> The slides are in german, maybe I'll find some time to translate them.
>> I'm thinking about giving a similar workshop at the openSUSE conference
>> in Prague (in october), so I have to do it anyway.
>>
>> The funny part is that I could just take the slides and give a talk
>> today - the only needed change is the removal of "set capabilities" ;-)
>> (and of course some of the newer features are not included, but maybe
>> that would be too much in a talk targeted at apparmor newbies.)
>>
>>> It would be really
>>> good if we could have someone from the community be there
>>> representing the project, so we will be kicking around ways for this
>>> to happen and should work towards putting together a proposal that
>>> someone could present.
>>
>> I'd say Frankie volunteered ;-) - but nobody will object if more people
>> visit the openSUSE summit.
>>
>>
>> And just as a reminder:
>>
>>>> Feel free to forward the CfP to a more broader audience in the
>>>> Ubuntu world ;-)
>>
>>
>> Regards,
>>
>> Christian Boltz
>> --
>> [ls] Das ist ein kleiner Ludwig, gefolgt von einem kleinen Siegfried
>> (zwei muntere Recken, die auszogen, den Drachen zu schrecken).
>> Keine Ida, denn Burgfräulein haben in Heldenrunden nix verloren.
>> [Philipp Zacharias in suse-linux]
>>
>>
>> --
>> AppArmor mailing list
>> AppArmor at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/apparmor
>>
>

More information about the AppArmor mailing list