mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

New Readme.

Browse Source
This commit is contained in:
Alexandre Pujol 2021-04-02 18:13:03 +01:00
parent 2d01001020
commit 646cbec874
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
2 changed files with 30 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
README
View File

@ -1,20 +0,0 @@
------------
Introduction
------------
This repository contains various AppArmor profiles, which aim is to confine linux applications. This
work started a few years ago, but still some of the profiles should be considered experimental,
though most of them work well, at least on my system (Xserver/Openbox setup). Whether any of the
profiles will work on your linux, it depends. Basically the software you use matters a lot, for
instance, major desktop environments (KDE/GNOME) are known to cause troubles, and additional rules
probably will be required to make an app work under such DE. Probably many profiles are also
missing some rules because I'm not able to check and test every app in its every detail -- it
simply takes a lot of time.
The profile rules basically try to map files that a certain application wants to use. Not all the
files are required for an app to make it work, and in some cases giving access to certain files can
be dangerous for both security and privacy. I'm making the file maps just to know how an app works
(what files it tries to use), and whether (or not) it makes some suspicious actions by trying to
read or write exotic locations. With AppArmor everything is clear what apps are trying to do in the
system. When you know what files are used, you can try to deny those you think that can be blocked,
and at some point you get a more strict profiles which provide a better security and privacy, but
of course it will take time.

30
README.md Normal file
View File

@ -0,0 +1,30 @@
[<img src="https://gitlab.com/uploads/-/system/project/avatar/25600351/logo.png" align="right" height="110"/>][project]
# apparmor.d
[![][build]][project]
**Full set of apparmor profiles**
## Installation
**Requirements**
* An `apparmor` based linux distribution.
* A `systemd` based linux distribution.
**Archlinux**
Build and install the package with:
```sh
makepkg -si
```
**Debian**
Build using standard Debian package build tools:
```sh
dpkg-buildpackage -b -d -us -ui --sign-key=<gpg-id>
```
[project]: https://gitlab.com/archlex/hardening/apparmor.d
[build]: https://gitlab.com/archlex/hardening/apparmor.d/badges/master/pipeline.svg?style=flat-square