MainInclusionReportApparmor

Main Inclusion Report for apparmor

Requirements

  1. Availability: http://archive.ubuntu.com/ubuntu/pool/universe/a/apparmor/; available for i386, amd64, ppc, ppc64.

  2. Rationale:

    • AppArmor proactively protects the system from security threats, both internal and external. It confines each application to the resources its profile says it may access, so a compromised application cannot reach anything its profile does not grant. In this way the system is protected against both known and unknown threats.

    • For each application we want to protect, or whose security we want to increase, a security profile is created. The profile describes which files or devices the application is allowed to read, write and/or execute.
  3. Security:

    • CVE entries: None

    • Secunia history:

    • All management scripts (written in Perl) have to run as root, because they access information in /sys/kernel/security/apparmor/. There is also a module loaded into the kernel. AppArmor comes with a daemon, 'aa-eventd', that scans log files to extract AppArmor audit messages and puts them into a SQLite database for later analysis. It is not started by default.

    • Network activity: None.
    • Source code review:
      • kernel module: No.
      • User space utilities: I've improved some management scripts, so I've looked at the code a little bit.
  4. Quality assurance:

    • In what situations does the package not work out of the box without configuration?
      • All the profiles are in complain mode by default, so no additional security is provided out of the box: violations are logged but not blocked. The user has to put the profiles into enforce mode via the command line. This is done to avoid breaking users' systems, since the profiles are not well tested yet. In the long term, profiles should be shipped in enforce mode by default to provide additional security out of the box.
      • aa-eventd is used to dump audit messages into a SQLite database. The database is then accessed by the Perl module Report.pm (currently used only by YaST, which is not packaged). Report.pm uses ycp (a Perl module from YaST), which is not packaged at all. Neither aa-eventd nor Report.pm is required to make the AppArmor framework work; they provide reporting functionality. They depend on libtimedate-perl, libdbd-sqlite3-perl and libfile-tail-perl (currently in universe).

      • The AppArmor module is included in linux-ubuntu-modules. It has been submitted by upstream for inclusion in the mainline kernel, but it hasn't been accepted yet.
    • Does the package ask any debconf questions higher than priority 'medium'? No.
    • AppArmor is not packaged in Debian. A request was made: RFP: apparmor -- an application security framework for high security and easy usability. But the bug was closed.

    • Upstream (http://en.opensuse.org/Apparmor) is active. It is backed by Novell and included in SLES, SUSE Linux and openSUSE.

    • Upstream bug tracker: Classification: opensuse, Component AppArmor

    • Hardware: No
  5. Standards compliance:

  6. Dependencies:

    • in main:
      • perl
      • libc6
      • upstart-compat-sysv
      • liblocale-gettext-perl
  7. Background information:

    • What do upstream call this software: AppArmor.

    • Has it had different names in the past: The first name was SubDomain; development started at Immunix in 1997/98. It was renamed to AppArmor in January 2004. Novell bought Immunix in 2005 to include AppArmor in their Linux products (i.e. SLES, SUSE Linux, openSUSE). The project is currently supported by Novell.
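The two notes in section 4 (profiles shipped in complain mode that the user must switch to enforce mode, and aa-eventd loading audit messages into SQLite for reporting) describe one workflow: run a profile in complain mode, collect what it would have denied, then enforce it. The following is an added worked example of that workflow in Python; it is not the code of aa-eventd, Report.pm or aa-enforce, and the log lines and the profile it uses are constructed. It assumes that complain mode is recorded as the flags=(complain) flag in the profile header (which is what aa-complain/aa-enforce toggle) and that the verdict of an audit message appears either as apparmor="DENIED"/"ALLOWED" (newer kernels) or as audit type 1503/1502 (older kernels, per linux/audit.h); the exact set of fields in a message varies with the kernel and AppArmor version.

```python
"""Complain-mode workflow for AppArmor profiles: collect what complain mode
would have denied, then flip the profile to enforce mode.

Added example, not the code of aa-eventd, Report.pm or aa-enforce. The log
lines and the profile below are constructed. Assumptions: complain mode is
the flags=(complain) header flag; audit messages are key="value" pairs whose
verdict is either apparmor="DENIED"/"ALLOWED" (newer kernels) or the numeric
audit type 1503/1502 (older kernels, linux/audit.h).
"""
import re
import sqlite3

# --- 1. audit messages -> SQLite (the job aa-eventd does) -------------------
SAMPLE_LOG = """\
Aug  6 16:20:51 host kernel: audit(1218039651.123:12): type=1503 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/etc/shadow" pid=4321 profile="/usr/sbin/cupsd"
Aug  6 16:20:52 host kernel: audit(1218039652.456:13): type=1503 operation="inode_permission" requested_mask="w::" denied_mask="w::" name="/etc/passwd" pid=4321 profile="/usr/sbin/cupsd"
Aug  6 16:20:53 host kernel: audit(1218039653.789:14): type=1502 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/etc/shadow" pid=6666 profile="/usr/sbin/ntpd"
Aug  6 16:20:54 host kernel: type=1400 audit(1218039654.012:15): apparmor="DENIED" operation="open" profile="/usr/sbin/tcpdump" name="/etc/shadow" pid=777 comm="tcpdump" requested_mask="r" denied_mask="r"
Aug  6 16:20:55 host kernel: unrelated message
"""

AUDIT_RE = re.compile(r'audit\((\d+)\.\d+:\d+\):\s*(.*)')
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
TYPE_NAMES = {"1502": "ALLOWED", "1503": "DENIED"}  # older kernels' audit types


def parse_line(line):
    """Return one event dict, or None if the line is not an AppArmor message."""
    m = AUDIT_RE.search(line)
    if not m:
        return None
    fields = {k: q or u for k, q, u in KV_RE.findall(m.group(2))}
    if "profile" not in fields:
        return None
    return {"ts": int(m.group(1)),
            "mode": fields.get("apparmor") or TYPE_NAMES.get(fields.get("type", ""), "UNKNOWN"),
            "operation": fields.get("operation"), "profile": fields["profile"],
            "name": fields.get("name"), "denied_mask": fields.get("denied_mask"),
            "pid": int(fields["pid"]) if "pid" in fields else None}


def load_events(log_text):
    """Parse every AppArmor message in log_text into an in-memory SQLite table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events (ts INTEGER, mode TEXT, operation TEXT, "
               "profile TEXT, name TEXT, denied_mask TEXT, pid INTEGER)")
    db.executemany("INSERT INTO events VALUES (:ts,:mode,:operation,:profile,:name,:denied_mask,:pid)",
                   [e for e in map(parse_line, log_text.splitlines()) if e])
    db.commit()
    return db


def denials_by_profile(db):
    """Enforce-mode denials per profile, noisiest first (the usual report)."""
    return db.execute("SELECT profile, COUNT(*) FROM events WHERE mode='DENIED' "
                      "GROUP BY profile ORDER BY 2 DESC, 1").fetchall()


def complain_hits(db):
    """Accesses a complain-mode profile let through but would deny once enforced."""
    return db.execute("SELECT profile, operation, name FROM events "
                      "WHERE mode='ALLOWED' ORDER BY ts").fetchall()


# --- 2. profile mode (the header flag aa-complain / aa-enforce edit) --------
SAMPLE_PROFILE = """\
#include <tunables/global>

/usr/sbin/cupsd flags=(complain) {
  #include <abstractions/base>
  /etc/cups/** r,
  /var/log/cups/* w,
}
"""
# A profile header is a line "<name> [flags=(a,b)] {"; rule lines never end in "{".
HEADER_RE = re.compile(r'^(?P<lead>[^\s#][^{\n]*?)(?:[ \t]+flags=\((?P<flags>[^)\n]*)\))?[ \t]*\{[ \t]*$', re.M)


def _flags(m):
    return [f.strip() for f in (m.group("flags") or "").split(",") if f.strip()]


def profile_modes(text):
    """{profile: "complain" | "enforce"} for every profile header in the text."""
    return {m.group("lead").strip(): ("complain" if "complain" in _flags(m) else "enforce")
            for m in HEADER_RE.finditer(text)}


def set_mode(text, mode):
    """Rewrite every header for mode ("complain" or "enforce"), keeping other flags.
    The result still has to be written back and reloaded with apparmor_parser -r."""
    def fix(m):
        flags = [f for f in _flags(m) if f != "complain"] + (["complain"] if mode == "complain" else [])
        return m.group("lead").rstrip() + (" flags=(%s)" % ",".join(flags) if flags else "") + " {"
    return HEADER_RE.sub(fix, text)


if __name__ == "__main__":
    db = load_events(SAMPLE_LOG)
    print("denials:", denials_by_profile(db))
    print("complain-mode hits:", complain_hits(db))
    print(profile_modes(SAMPLE_PROFILE), "->", profile_modes(set_mode(SAMPLE_PROFILE, "enforce")))
```

Running the module prints the per-profile denial counts, the complain-mode hit for /usr/sbin/ntpd (an access that would be refused once that profile is enforced), and the cupsd header flipped from complain to enforce. On a real system the edited profile text is written back under /etc/apparmor.d/ and reloaded with apparmor_parser -r; apparmor_status then lists the profile under enforce mode. Unlike the real tools, nothing here needs root, because it works on text and log files rather than on /sys/kernel/security/apparmor/.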

Reviewers

MartinPitt: support team gave thumbs up, infrastructure packages are good; -profiles stays in universe for now

MainInclusionReportApparmor (last edited 2008-08-06 16:20:53 by localhost)