mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-02-25 03:15:37 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor.d/docs/development/roadmap.md
Alexandre Pujol b10f2df5ec
doc: add roadmap and prebuilt pages.
2025-02-23 20:10:21 +01:00

60 lines
2.4 KiB
Markdown
Raw Blame History

---
title: Roadmap
---
## Toward a stable release
This is the current list of features that must be implemented to get to a stable release
- [ ] **Play machine**
- [ ] **[Sub packages](https://github.com/roddhjav/apparmor.d/issues/464)**
- [x] Move most profiles into groups such that
- [ ] New simplified build system to generate the packages with profile dependencies check
- [ ] **Tests**
- [x] Tests VM for all supported targets (see [tests/vm](vm.md))
- [ ] Small integration tests for all core profiles (see [tests/integration](integration.md))
- [ ] **Documentation**
- [ ] Initial draft of the security model and goal
- [ ] General documentation improvements
- [ ] **General improvements**
- [ ] Provide a proper fix for #74, #80 & #235
- [ ] The apt/dpkg profiles needs to be reworked
## Next features
- [ ] **Conditions**
- [ ] Integrate the new condition feature in the profiles and restrict them a lot according to the application actually in use. Eg: `Gnome | KDE`, `X11 | Wayland`, etc.
- [ ] Create a new `aa-config` tool, similar to seboolean, to manage various settings, based on conditions.
- [ ] **User Data**
- [ ] Fully rewrite the way user data is allowed / denied. The current implementation requires too much configuration to be usable by everyone.
- [ ] Add a prompt listener to handle the user data access.
- [ ] **[Full System Policy](https://github.com/roddhjav/apparmor.d/issues/252)**
- [ ] Debug tool to show the profiles transition tree, and ensure no profile is missing
- [ ] Remove the `default` profile
## Done
**Abstractions**
- [x] New `audio-client` and `audio-server` abstractions
- [x] New desktop agnostic `desktop` abstraction for all common access for any GUI app.
- [x] New `graphics` abstraction, hardware-agnostic. Fully replace and restrict the old `opencl` abstractions
- [x] All new abstractions are documented in the [abstractions](abstractions.md) page
**Dbus**
- [x] New `dbus-{system,session,accessibility}` profiles. Works regardless of the dbus implementation in use.
- [x] New talk directive: Allow the application to talk to session services. (send to)
- [x] New own directive: Allow the application to own session services under the given name. (receive, send, bind)
- [x] New `bus-{system,session,accessibility}` abstraction to be used in the profiles
**Directives**
- [x] Add directive. See the [directive](directives.md) page
Reference in a new issue View git blame Copy permalink