[apparmor] [ROS] Audit Profile Request

John Johansen john.johansen at canonical.com
Mon Jun 20 13:24:25 UTC 2016


On 06/17/2016 04:18 PM, Ruffin White wrote:
> Hello everyone,
> 
> Speaking on behalf of the Robotic Operating System [1] community, myself and a few others from the Open Source Robotics Foundation [2] have been working on providing support for creating AppArmor profiles for ROS. 
> 
> We have some preliminary profiles working and would like early feedback from the AppArmor community. As most of us are roboticist and not pure security professionals, we'd like to ask if some of you would be willing to audit our policies before we release anything official, bringing to our attention any vulnerabilities, best practices, or end user improvements.
> 
> The current state of the profile policies can be found at our github repo here:
> https://github.com/ros-infrastructure/apparmor_profiles
> 
> A designated channel for discussion and reviews can be conducted through this ticket here:
> https://github.com/ros-infrastructure/apparmor_profiles/issues/1
> 
> I'd like to thank you for you time
> and am looking forward to learn from your expertise
> 
> Ruffin
> 
Hi Ruffin,

thanks for the links, and informing us of the work. We certainly will look at the profiles and provide feedback. It may take a few days as people are busy and some of us are recovering from travel over the weekend.


> [1] http://www.ros.org/ 
> [2] http://www.osrfoundation.org/
> 
> 
> *P.S.*
> Some context on ROS:
> The Robot Operating System (ROS) is a flexible framework for writing robot software. It is a collection of tools, libraries, and conventions that aim to simplify the task of creating complex and robust robot behavior across a wide variety of robotic platforms [3].
> 
> At the lowest level, ROS offers a message passing interface that provides inter-process communication and is commonly referred to as a middleware [4]. This enables a Computation Graph, a peer-to-peer network of ROS processes that are processing data together. The basic Computation Graph concepts of ROS are nodes, Master, Parameter Server, messages, services, and topics [5].
> 
> The goal of developing AppArmor profiles for ROS is a part in a greater current effort to add additional security measures to ROS and the swath of robots that rely on the open source project. We would like provide users the ability to simply to secure their applications, and we see building these policies as means for users to easily customize their own profiles with sane defaults.
> 
> [3] http://www.ros.org/about-ros/
> <http://www.ros.org/about-ros/>
> [4] http://www.ros.org/core-components/
> [5] http://wiki.ros.org/ROS/Concepts#ROS_Computation_Graph_Level
> 
> 




More information about the AppArmor mailing list