Better goals description.

Alexandre Pujol 2021-05-09 15:08:26 +01:00
parent 356f466c53
commit a2dc24f61d

@ -1,30 +1,23 @@
[<img src="https://gitlab.com/uploads/-/system/project/avatar/25600351/logo.png" align="right" height="110"/>][project]
# apparmor.d
# apparmor.d [![][build]][project]
[![][build]][project]
**Full set of apparmor profiles**
**Full set of AppArmor profiles**
> Warning: This project is still in early development.
## Description
A set of over 800 apparmor profiles which aims is to confine most of Linux base
applications and processes.
A set of over 800 AppArmor profiles which aims is to confine most of Linux base applications and processes.
**Goals & Purpose**
- All distribution that support Apparmor (currenlty Archlinux and Debian),
- Support all distribution that support AppArmor (currenlty Archlinux and Debian),
- Target both desktop and server,
- Confine all root services (bluetooth, dbus, polkit, networkmanager...),
- Confine all root processes (bluetooth, dbus, polkit, networkmanager, systemd...),
- Confine all Desktop environments (currently only Gnome),
- Fully tested (Work in progress),
- Should not break a normal usage of the confined software.
These profiles strive to be fully functional with zero audit log warnings under
proper behavior. Functionality is not ignored. If functionality is not
explicitly blocked, then it's probably a bug in the profile and should be fixed.
- Fully tested (Work in progress),
**Note:** This work is part of a bigger linux security project.
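Review bot: The rewritten goal line "Support all distribution that support AppArmor (currenlty Archlinux and Debian)," carries the "currenlty" typo over from the line it replaces and needs the plural "distributions". The new one-line description has the same kind of leftover: "which aims is to confine" should read "which aims to confine" or "whose aim is to confine". Since both lines are being touched anyway, fix them in this commit. With "Fully tested (Work in progress)," moved to the end, the goal list now finishes on a trailing comma.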
@ -32,6 +25,15 @@ explicitly blocked, then it's probably a bug in the profile and should be fixed.
to extend it to more Linux distributions and desktop environements.
## Concepts
There are over 50000 Linux packages and even more applications. It is simply not possible to write an AppArmor profile for all of them. Therefore a question arises: *What to confine and why?*
We take inspiration from the [Android/ChromeOS Security Model][android_model] and we apply it to the Linux world. Modern [linux security implementation][clipos] usually consider a core base image with a carefully set of selected applications. Everything else should be sandboxed. Therefore, this project tries to confine all the *core* applications you will usually find in a Linux system: all systemd services, xwayland, network, bluetooth, your desktop environment... Non-core user applications are out of scope as they should be sandboxed using a dedicated tool (minijail, bubblewrap...).
This is fundamentally different from how AppArmor is used on Linux server as it is common to only confine the applications that face the internet and/or the users.
## Tests
A full test suite to ensure compatibility across distributions and softwares is
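Review bot: The new Concepts section defines the project scope only by example ("all systemd services, xwayland, network, bluetooth, your desktop environment..."), so a reader cannot tell whether a given package counts as *core* and is expected to have a profile. State the criterion, for instance whether it is what ships in the base image or what runs as root, and say what a user should assume about a program that has neither a profile here nor a sandbox. Wording in the same paragraph: "a carefully set of selected applications" should be "a carefully selected set of applications", and "linux security implementation usually consider" needs the plural "implementations".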
@ -42,7 +44,8 @@ still a work in progress.
**Requirements**
* An `apparmor` based linux distribution.
* A `systemd` based linux distribution.
* Base profiles and abstraction shipped with apparmor are supposed to be installed.
* Base profiles and abstractions shipped with AppArmor are supposed to be
installed.
**Archlinux**
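Review bot: "are supposed to be installed" in the last requirement reads as an expectation rather than a requirement, which leaves it unclear what happens when the stock abstractions are absent. Suggest "must be installed", since profiles that include a missing abstraction will not load. This hunk also hard-wraps the sentence onto two lines while the other hunks of the commit unwrap paragraphs onto single lines; pick one convention.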
@ -65,8 +68,7 @@ Feedbacks, contributors, pull requests, are all very welcome.
## License
This program is based on Mikhail Morfikov's [apparmor profiles project][upstream]
and thus has the same license (GPL2).
This program is based on Mikhail Morfikov's [apparmor profiles project][upstream] and thus has the same license (GPL2).
```
Copyright (C) Alexandre PUJOL & Mikhail Morfikov
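Review bot: The license sentence being rewrapped still names the license only as "GPL2", which does not say whether later versions are permitted. While touching the line, spell it out so that it matches the notice that follows, for example "GPL-2.0-only" or "GPL-2.0-or-later". The link text "apparmor profiles project" also keeps the lowercase spelling that the rest of the commit changes to "AppArmor".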
@ -88,3 +90,6 @@ with this program; if not, write to the Free Software Foundation, Inc.,
[upstream]: https://gitlab.com/morfikov/apparmemall
[project]: https://gitlab.com/roddhjav/apparmor.d
[build]: https://gitlab.com/roddhjav/apparmor.d/badges/master/pipeline.svg?style=flat-square
[android_model]: https://arxiv.org/pdf/1904.05572
[clipos]: https://clip-os.org/en/
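Review bot: The `[android_model]` reference links straight to the PDF (`https://arxiv.org/pdf/1904.05572`), so the reader gets a download with no title, authors or version information. Linking the abstract page (`https://arxiv.org/abs/1904.05572`) is the more usual citation target. The `[clipos]` link is used in the Concepts text as "linux security implementation"; naming CLIP OS in the link text would tell the reader where the link leads.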