[apparmor] AppArmor for wordpress
Craig Small
csmall at debian.org
Thu Mar 29 22:47:35 UTC 2018
Hi There,
As the Debian WordPress maintainer,considering WordPress has the most
security bugs of all the packages I maintain I thought having an AppArmor
profile for it would be a good idea.
I have now written one and done some testing and it seems to work nicely.
The problem is, what to do with it?
It basically has two files:
* /etc/apache2/conf-available/wordpress which has the AAHatName in the
<directory> stanzas
* /etc/apparmor.d/apache2.d/wordpress which defines the ^wordpress profile
The profile is highly dependent on what the user sets the WP_CONTENT_DIR to
(which has to match the second <directory> stanza).
So, it works for me.
Should I just put it in the examples file? My concern is people do odd
configurations to their wordpress setup which apparmor won't like.
I'm not subscribed to this email list so please CC in your replies.
- Craig
--
Craig Small https://dropbear.xyz/ csmall at : dropbear.xyz
Debian GNU/Linux https://www.debian.org/ csmall at : debian.org
Mastodon: @smallsees at social.dropbear.xyz Twitter: @smallsees
GPG fingerprint: 5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20180329/0cffb259/attachment.html>
More information about the AppArmor
mailing list