[apparmor] AppArmor stacking

[Seth Arnold]

Hello,

I thought our stacking discusssions might go better if we've got some
concrete examples of how stacking could be or will be used:

1. lxc/lxd/docker containers that use AppArmor to help enforce host
security from the contained applications while still allowing the
contained applications to use AppArmor as if they were running in a
standard system instead. AppArmor may also be used to keep the different
containers from influencing each other, or allow influencing each other
only through defined mechanisms.

2. The system administrator may want to use pam_apparmor to enforce that
users can't gain administrative privileges while administrative users can.
All PAM-based ways users gain access to a system get a generic profile
applied that only allows the handful of capabilities needed for e.g.
password changes via child profiles.

3. The system administrator may want to use pam_apparmor to enforce that
users are separated or only interact with each other in specific ways.
This profile would probably include extensive use of 'owner' rules.

4. Users may think distro-provided or admin-provided profiles for
applications are too loose and don't mind trading some usability for
drastically tightening the permissions of the applications they use.

I can even see several of these in use simultaneously on one machine.

Have I missed any use cases? (I think it'd be worth fleshing these out to
the point where they'd make nice guides on the wiki or docs or blog posts
or something.)

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160125/78d51d7b/attachment.pgp>