[apparmor] sshd and hats

Seth Arnold seth.arnold at canonical.com
Fri Oct 2 05:21:38 UTC 2015


On Thu, Oct 01, 2015 at 08:08:17PM -0700, John Johansen wrote:
> Ha! I was wrong, I did find a version of it and sftp too
> 
> Its old, against openssh3.8 and I haven't really looked at it

This is great. Lots of fun old history in this.. 32 bit hats, a random
chance for generating a 0x00000000 hat that will lead to a failed
change_hat just before starting an authenticated session, and all the Ye
Olde Immunix names.

Hopefully the mediation points are still useful in OpenSSH. Perhaps
they've changed as much as we have.

For example I'd probably use aa_change_profile() instead of aa_change_hat()
for some of these calls, it allows specifying allowed transitions. And the
session handling should probably not jump back to the main profile before
handing off to pam_apparmor (rather than hard-coding those here, too..)

Anyway, this is at least a good fun trip down memory lane, and hopefully
even useful to resurrecting the apparmor-enforced privsep OpenSSH.

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20151001/853d0c4a/attachment.pgp>


More information about the AppArmor mailing list