[apparmor] [Question] any interface to IMA or TPM?
Simone Pierluigi Sortino S210003
s162052 at studenti.polito.it
Sat Nov 21 11:51:31 UTC 2015
On 20.11.2015 21:15, Seth Arnold wrote:
> On Fri, Nov 20, 2015 at 05:35:29PM +0100, Simone Pierluigi Sortino
> S210003 wrote:
>> I want to ask if AppArmor provides any kind of interface to IMA or
>> TPM, in order to have some remote attestation or (at least)
>> integrity control.
>>
>> If no interface is available, are there any features able to
>> do that?
>
> Hello Simone; what exactly are you hoping to achieve with TPM or IMA
> interfaces from AppArmor? We haven't built anything to work with or
> mediate TPM or other IMA devices specifically but perhaps what you want
> to do can be done with proper policy design.
>
> Thanks
Hey, thank you for the quick answer.
My goal is to find a good way to provide the integrity of files (perhaps
using some hardware-based approach like TPM), but one that is more flexible
than IMA and its limited number of PCRs.
I know that AppArmor provides mandatory access control, and I am
checking if there is any feature related to integrity.
As you know, a MAC only manages access rights to a file (in very few
words), but if I use any hex editor, I should be able to access any
memory allocation and modify it without any access control.
So: does AppArmor have any type of protection/control against this kind of
attack?
Thank you (again) for your time.