[ubuntu-hardened] Towards an Apparmor Certification program

Jamie Strandboge jamie at canonical.com
Fri Jul 27 16:45:26 UTC 2012

On Wed, 2012-07-25 at 08:31 -0700, Michael J Daniel wrote:
> I've been thinking about an apparmor certification program
> and I want to capture those thoughts.
> The goal of the program is to ...
> 1) encourage developers to include apparmor protections in their programs.
> 2) encourage users to choose apparmor protected programs.

Worthy goals.

> We should have a distinctive certification symbol, with an overlay 
> between "0 %" and "100 %".

This sounds interesting, but I think, at least for Ubuntu, a number of
things need to happen first:
 * the user space tools need to improve (in progress)
 * the ARB/et al needs to pick up the benefits of confining an 
   application (in progress)
 * AppArmor needs to be exposed to developers in a friendly way (in
 * AppArmor needs to be improved in a number of ways to make it more
   effective in confining desktop application (in progress and 

Additionally, the Ubuntu Security team's hope is that Ubuntu will have a
fully realized application confinement solution such that the
confinement policy provides certain assurances and rival that of
competing operating systems. AppArmor will play an important part in
this solution, but there will undoubtedly be other pieces that are

Jamie Strandboge             | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20120727/6df8881f/attachment.pgp>

More information about the ubuntu-hardened mailing list