[apparmor] AppArmor stacking
Tyler Hicks
tyhicks at canonical.com
Tue Jan 26 22:00:53 UTC 2016
On 2016-01-25 16:46:29, Seth Arnold wrote:
> Hello,
>
> I thought our stacking discusssions might go better if we've got some
> concrete examples of how stacking could be or will be used:
Good idea.
>
> 1. lxc/lxd/docker containers that use AppArmor to help enforce host
> security from the contained applications while still allowing the
> contained applications to use AppArmor as if they were running in a
> standard system instead. AppArmor may also be used to keep the different
> containers from influencing each other, or allow influencing each other
> only through defined mechanisms.
>
> 2. The system administrator may want to use pam_apparmor to enforce that
> users can't gain administrative privileges while administrative users can.
> All PAM-based ways users gain access to a system get a generic profile
> applied that only allows the handful of capabilities needed for e.g.
> password changes via child profiles.
>
> 3. The system administrator may want to use pam_apparmor to enforce that
> users are separated or only interact with each other in specific ways.
> This profile would probably include extensive use of 'owner' rules.
>
> 4. Users may think distro-provided or admin-provided profiles for
> applications are too loose and don't mind trading some usability for
> drastically tightening the permissions of the applications they use.
>
> I can even see several of these in use simultaneously on one machine.
>
> Have I missed any use cases? (I think it'd be worth fleshing these out to
> the point where they'd make nice guides on the wiki or docs or blog posts
> or something.)
I don't think that you've missed any major use cases. As John said, #1
is the main use case. I think all of the other ones will be fringe use
cases that only a handful of people ever use. We should keep those use
cases in mind so that we don't make a design decision that prevents them
but we shouldn't go out of our way to support them in the first
iteration of stacking.
Tyler
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160126/548c3f9a/attachment.pgp>
More information about the AppArmor
mailing list