[ubuntu-hardened] Towards an Apparmor Certification program
Jamie Strandboge
jamie at canonical.com
Fri Jul 27 16:45:26 UTC 2012
On Wed, 2012-07-25 at 08:31 -0700, Michael J Daniel wrote:
> I've been thinking about an apparmor certification program
> and I want to capture those thoughts.
>
>
> The goal of the program is to ...
> 1) encourage developers to include apparmor protections in their programs.
> 2) encourage users to choose apparmor protected programs.
Worthy goals.
> We should have a distinctive certification symbol, with an overlay
> between "0 %" and "100 %".
This sounds interesting, but I think, at least for Ubuntu, a number of
things need to happen first:
* the user space tools need to improve (in progress)
* the ARB/et al needs to pick up the benefits of confining an
application (in progress)
* AppArmor needs to be exposed to developers in a friendly way (in
progress)
* AppArmor needs to be improved in a number of ways to make it more
effective in confining desktop application (in progress and
roadmapped)
Additionally, the Ubuntu Security team's hope is that Ubuntu will have a
fully realized application confinement solution such that the
confinement policy provides certain assurances and rival that of
competing operating systems. AppArmor will play an important part in
this solution, but there will undoubtedly be other pieces that are
needed.
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20120727/6df8881f/attachment.pgp>
More information about the ubuntu-hardened
mailing list