The AppArmor debate begins
Posted Apr 27, 2006 6:39 UTC (Thu) by drag
Parent article: The AppArmor debate begins
I don't understand how this is a problem with AppArmor.
It would be a definate problem for SELinux, but it looks like AppArmor and SELinux are doing different things.
Apparmor is for creating a sort of hardenned 'shell' around a application, right? So by default it has 'DENY ALL' type setting. Then you allow access to this or that file, right?
So if you want to deny access to /etc/shadow, you simply do not allow access to it. It's denied by default.
So if a attacker figured out how to make shadow appear as /etc/toffu or /tmp/taco to the application or whatever then it still doesn't matter. AppArmor would not allow access to that either; it's denied by default.
A attacker would have to figure out a way to make the file appear as a file you specificly allowed the application access to, right? What is the likelihood of that? In what possible way would a attacker make your shadow file or any other file appear as a library file or maybe a .config file in your home directory while working in a environment everything is set to 'deny all' by default.
The problem is only a you have the default setup of 'access everything', then you try to deny this or that file. Which seems a realy crappy way of doing things.
At least that's how I see it. Is is possible that I am confused about what is going on (which is likely)?
And if AppArmor dies and everybody ends up using SELinux then would it be possible in the selinux framework for me to do what AppArmor does?
I want to make a profile for each and every desktop application that interacts with anything on the network. I want to make a profile for Firefox, Evolution, my IRC client, GAIM, and my RSS reader. This is because my time is important and I only care about hardenning applications that are likely vectors of attack for my day to day activities on the desktop.
Now what is the best way to do that, to do what Apparmor does fairly easily right now, in SELinux?
To me it's always seemed that SELinux is for situations were you have a experianced administrator that wants to setup MAC for a server or whatnot.
AppArmor seems more like a application-level firewall, to block applications from behaving badly and accessing information or writing fradulent information that they shouldn't.
It doesn't seem that one is suited to do what the other does...
to post comments)