Apparmor by Ekta Ahuja @ null Pune Meet, August 2011

Apparmor Presentation Transcript

  • Presented By: Ekta Ahuja
  • About Me
    Student: MSc.CA at SICSR
    Windows & Information Security Enthusiast
    Database Freak
  • Agenda
    What is Apparmor?
    Why Use Apparmor?
    Apparmor Profiles
  • Introduction
    AppArmor is the most effective and easy-to-use Linux application security system available on the market today. AppArmor is a security framework that proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good program behavior and preventing even unknown software flaws from being exploited. AppArmor security profiles completely define what system resources individual programs can access, and with what privileges. A number of default policies are included with AppArmor, and using a combination of advanced static analysis and learning-based tools, AppArmor policies for even very complex applications can be deployed successfully in a matter of hours.
  • Why AppArmor?
  • Which Programs can be Protected?
    General recommendation:
    Every program that mediates privileges.
    Network services:
    Every program (server or client) with open ports.
    Cron jobs:
    Cron jobs that run with root privileges can be protected.
    Web applications:
    CGI scripts, Java applets, etc.
  • AppArmor Profiles
    For each application that we want to protect, we create a separate profile.
    A profile contains:
    The full path of the program that is confined.
    #include directives, which pull in components of other profiles.
    POSIX capabilities, granted with the capability statement.
    Path entries, specifying which parts of the filesystem the program can access.
  • Profile Types:
  • Generating Profiles
  • Key of a Profile
    Each rule also specifies permissions:
    r - read
    w - write
    ux - unconstrained execute
    Ux - unconstrained execute -- scrub the environment
    px - discrete profile execute
    Px - discrete profile execute -- scrub the environment
    ix - inherit execute
    m - allow PROT_EXEC with mmap(2) calls
    l - link
    cx - local security profile
  • Parts of Profile:
    Example: Hypothetical application -- /usr/bin/foo
    # a comment about foo.
    /usr/bin/foo {
      #include <tunables/global>
      #include <abstractions/base>
      capability setgid,
      network inet tcp,
      link /etc/sysconfig/foo -> /etc/foo.conf,
      /bin/mount ux,
      /dev/{,u}random r,
      /etc/ r,
      /etc/foo/* r,
      /lib/ld-*.so* mr,
      /lib/lib*.so* mr,
      /proc/[0-9]** r,
      /usr/lib/** mr,
      /tmp/ r,
      /tmp/ wr,
      /tmp/foo.* lrw,
      /@{HOME}/.foo_file rw,
  • Parts of Profile (cont.)
      owner /shared/foo/** rw,
      /bin/** px -> bin_generic,
      # a comment about foo's local (children) profile for /usr/bin/foobar.
      profile /usr/bin/foobar {
        /bin/bash rmix,
        /bin/cat rmix,
        /bin/more rmix,
        /var/log/foobar* rwl,
        /etc/foobar r,
      }
      # foo's hat, bar.
      ^bar {
        /lib/ld-*.so* mr,
        /usr/bin/bar px,
        /var/spool/* rwl,
      }
    }
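The permission legend on the "Key of a Profile" slide and the foo profile above are the kind of thing a reviewer reads rule by rule. The following Python is an added example, not part of the presentation or of the AppArmor project: it parses the file rules of a profile using the permission letters listed on the slide and reports the rules that deserve a second look (unconstrained execute, write and execute on the same path, recursive globs with write access). The sample profile is constructed for the example and follows the slide's hypothetical /usr/bin/foo, with one extra rule (/opt/plugins/** wix) added so the checks have something to find; the audit rules themselves are this example's own review policy, not AppArmor semantics.

```python
import re

# Constructed sample profile for this example (modelled on the slide's hypothetical
# /usr/bin/foo, with one extra rule, /opt/plugins/** wix, added to exercise the checks).
SAMPLE_PROFILE = """\
/usr/bin/foo {
  #include <tunables/global>
  #include <abstractions/base>
  capability setgid,
  network inet tcp,
  link /etc/sysconfig/foo -> /etc/foo.conf,
  /bin/mount ux,
  /dev/{,u}random r,
  /etc/foo/* r,
  /lib/ld-*.so* mr,
  /usr/lib/** mr,
  /tmp/foo.* lrw,
  /@{HOME}/.foo_file rw,
  owner /shared/foo/** rw,
  /bin/** px -> bin_generic,
  /opt/plugins/** wix,
}
"""

# Meaning of each permission, as listed on the "Key of a Profile" slide.
PERM_MEANING = {
    "r": "read", "w": "write", "l": "link", "m": "allow PROT_EXEC with mmap(2)",
    "ux": "unconstrained execute", "Ux": "unconstrained execute, scrub environment",
    "px": "discrete profile execute", "Px": "discrete profile execute, scrub environment",
    "ix": "inherit execute", "cx": "local (child) profile execute",
}

# A file rule: optional 'owner' qualifier, a path (may contain globs and @{variables}),
# a permission string, an optional '-> target' for px/cx, and the closing comma.
FILE_RULE = re.compile(
    r"^(?:(?P<owner>owner)\s+)?(?P<path>/\S+)\s+(?P<perms>[rwlmuUpPcCix]+)"
    r"(?:\s*->\s*(?P<target>\S+))?,$"
)


def split_perms(perms):
    """Split a permission string into tokens; execute modes are two letters (ux, Px, ix, cx...)."""
    tokens, i = [], 0
    while i < len(perms):
        if perms[i] in "uUpPcCi" and perms[i + 1:i + 2] == "x":
            tokens.append(perms[i:i + 2])
            i += 2
        else:
            tokens.append(perms[i])
            i += 1
    return tokens


def explain(perms):
    """Human-readable meaning of a permission string, e.g. 'mr' -> [mmap meaning, 'read']."""
    return [PERM_MEANING.get(t, "unknown permission %r" % t) for t in split_perms(perms)]


def parse_file_rules(text):
    """Extract file rules; #include, capability, network and link lines are ignored."""
    rules = []
    for line in text.splitlines():
        m = FILE_RULE.match(line.strip())
        if m:
            rules.append({"owner": m.group("owner") is not None,
                          "path": m.group("path"),
                          "perms": split_perms(m.group("perms")),
                          "target": m.group("target")})
    return rules


def audit_profile(text):
    """Return (path, finding) pairs a profile reviewer would want to look at (example policy)."""
    findings = []
    for rule in parse_file_rules(text):
        p, path = set(rule["perms"]), rule["path"]
        if p & {"ux", "Ux"}:
            findings.append((path, "unconstrained execute: the child process runs with no profile"))
        if "w" in p and p & {"ix", "px", "Px", "cx", "m", "ux", "Ux"}:
            findings.append((path, "write and execute/mmap granted on the same path"))
        if "**" in path and "w" in p:
            findings.append((path, "recursive glob combined with write access"))
    return findings


if __name__ == "__main__":
    for path, finding in audit_profile(SAMPLE_PROFILE):
        print("%-22s %s" % (path, finding))
```

On the sample profile the audit flags /bin/mount (ux), the owner /shared/foo/** rw rule and the added /opt/plugins/** wix rule; the px rule for /bin/** passes because execution there transitions into the named bin_generic profile rather than running unconfined.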
  • Profile Modes
    Enforce Mode
    Complain Mode (Learning Mode)
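Enforce versus complain mode is recorded in the profile itself: a profile whose header carries the flag flags=(complain) only logs what it would have denied, while a header without that flag is enforced. The Python below is an added example, not part of the presentation or of the AppArmor tools; it reads and rewrites that header flag on a profile's text so the two modes can be compared. It assumes the first non-comment line of the file is the top-level header (path, optional flags, opening brace), and the sample profile is constructed for the example.

```python
import re

# Profile header: an optional 'profile' keyword, the attachment path, optional flags,
# then the opening brace. Assumption: the first non-comment line is this header.
HEADER = re.compile(
    r"^(?P<head>\s*(?:profile\s+)?\S+)(?:\s+flags=\((?P<flags>[^)]*)\))?\s*\{\s*$"
)

# Constructed sample profile for this example.
SAMPLE_PROFILE = """\
# profile for the hypothetical /usr/bin/foo
/usr/bin/foo flags=(attach_disconnected) {
  #include <abstractions/base>
  /etc/foo/* r,
}
"""


def _header_index(lines):
    """Index of the top-level header line, skipping blank lines and comments."""
    for i, line in enumerate(lines):
        stripped = line.strip()
        if stripped and not stripped.startswith("#"):
            if HEADER.match(line):
                return i
            raise ValueError("expected a profile header, got: %r" % line)
    raise ValueError("no profile header found")


def _flags(header_line):
    """Flags from 'flags=(...)'; AppArmor accepts comma- or space-separated lists."""
    raw = HEADER.match(header_line).group("flags") or ""
    return [f for f in re.split(r"[\s,]+", raw) if f]


def get_mode(profile_text):
    """'complain' if the header carries the complain flag, otherwise 'enforce'."""
    lines = profile_text.splitlines()
    return "complain" if "complain" in _flags(lines[_header_index(lines)]) else "enforce"


def set_mode(profile_text, mode):
    """Return the profile text with its header flags rewritten for the requested mode.
    Other flags (e.g. attach_disconnected) are preserved."""
    if mode not in ("complain", "enforce"):
        raise ValueError("mode must be 'complain' or 'enforce'")
    lines = profile_text.splitlines()
    i = _header_index(lines)
    head = HEADER.match(lines[i]).group("head")
    flags = [f for f in _flags(lines[i]) if f != "complain"]
    if mode == "complain":
        flags.append("complain")
    flag_text = " flags=(%s)" % ",".join(flags) if flags else ""
    lines[i] = head + flag_text + " {"
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(get_mode(SAMPLE_PROFILE))
    print(set_mode(SAMPLE_PROFILE, "complain"))
```

On a real system the aa-complain and aa-enforce utilities make this same header change and reload the profile with apparmor_parser; the point of doing it by hand here is to show that the mode lives in the profile text, so a profile left in complain mode after a learning session is visible in a plain diff of /etc/apparmor.d.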
  • Flow of Logic
    Collapse a few rules and make it more generic and open.
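Collapsing learned rules into something more generic is the step where a profile either stays tight or quietly becomes too open. The Python below is an added example, not the presentation's or AppArmor's own logic (the real generalization prompts come from aa-logprof): it takes a constructed list of file accesses of the kind complain mode records, collapses files that share a directory and permissions into one dir/* rule once enough of them appear, and refuses to collapse directories where a wildcard would be too broad. The threshold and the never_collapse set are this example's assumptions.

```python
import posixpath
from collections import defaultdict

# Constructed sample: file accesses collected while the profile was in complain mode.
LEARNED = [
    ("/etc/foo/main.conf", "r"),
    ("/etc/foo/db.conf", "r"),
    ("/etc/foo/log.conf", "r"),
    ("/var/log/foo/access.log", "w"),
    ("/var/log/foo/error.log", "w"),
    ("/lib/libc.so.6", "mr"),
    ("/etc/passwd", "r"),
    ("/etc/hosts", "r"),
    ("/etc/resolv.conf", "r"),
]

# Directories where a 'dir/* perms' rule would be too open to accept automatically
# (assumed review policy for this example, not an AppArmor built-in).
NEVER_COLLAPSE = {"/", "/etc", "/bin", "/usr/bin", "/usr/lib", "/lib"}


def collapse_rules(learned, threshold=3, never_collapse=NEVER_COLLAPSE):
    """Group (path, perms) pairs by directory and permission string. When at least
    `threshold` distinct files in one directory share the same permissions, emit a
    single 'dir/* perms,' rule instead of one rule per file, unless the directory
    is listed in never_collapse. Returns sorted AppArmor file-rule strings."""
    by_group = defaultdict(set)
    for path, perms in learned:
        by_group[(posixpath.dirname(path), perms)].add(path)
    rules = []
    for (directory, perms), paths in by_group.items():
        if len(paths) >= threshold and directory not in never_collapse:
            rules.append("%s/* %s," % (directory, perms))
        else:
            rules.extend("%s %s," % (p, perms) for p in sorted(paths))
    return sorted(rules)


if __name__ == "__main__":
    for rule in collapse_rules(LEARNED):
        print("  " + rule)
```

With the sample input the three /etc/foo reads become /etc/foo/* r, while the three reads directly under /etc stay as individual rules, since /etc/* r would hand the program every file in /etc; the two log writes stay separate because they fall below the threshold. A single-level glob (/*) is used rather than /** so the collapsed rule does not silently reach into subdirectories.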
  • Demo Time 
  • References
  • Thank You