[ubuntu-hardened] Apparmor for Ubuntu Dapper
Taco Witte
taco at mval.net
Thu May 11 22:22:09 BST 2006
Hi Magnus,
Op zo, 07-05-2006 te 16:26 +0200, schreef Magnus Runesson:
> HI!
>
> I have working Apparmor packages for Ubuntu Dapper. They can be found
> at: http://www.linuxalert.org/ubuntu/apparmor/
> Patches can be found in the src directory. The patches also contains
> minor fixes that make the init-scripts more LSB compliant.
Cool, I'm testing your packages now. I've changed some existing profiles
(abstractions/base and usr.sbin.ntpd, for locale.alias and i686 cmov
libraries) and made profiles for usr.sbin.tor and sbin.dhclient3. I'll
look into some setuid programs later.
[snip]
> Upcoming steps todo are:
> * Verify existing profiles
> * Add change_hat for apache.
I think sshd is interesting as well, since it's so widely used.
[snip]
> What do you think about geting AppArmor into Dapper+1?
It sounds like a good idea to me -- there's enough time to make profiles
and test them adequately. More fundamentally, I think the idea of
AppArmor fits well with Ubuntu ideas (it's e.g. user friendly).
Kind regards,
Taco
--
jabber:taco at 12jabber.com msn:taco at mval.net icq:201481984 gpg:33A61735 hyves.nl
More information about the ubuntu-hardened
mailing list