mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update AppArmorTrustedHelpers

John Johansen 2018-06-15 05:48:24 +00:00
parent a5129f2e2c
commit 7b53383cb3
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
AppArmorTrustedHelpers.md

@ -2,9 +2,9 @@
# Introduction
Trusted helpers are userspace services that have elevated permission in some
domain, that AppArmor trusts to help enforce certain policy. Trusted helpers may themselves be untrusted and confined in other areas.
domain, that AppArmor trusts to help enforce certain policy. Trusted helpers may themselves be 'untrusted' and confined by policy in other domains.
There is no one way to implement a trusted helper, they may be tightly integrated with rules integrated into policy and leveraging the apparmor query infrastructure. To a loosely coupled service that shares no information with AppArmor and only queries some AppArmor properties when doing its enforcement.
There is no one way to implement a trusted helper, they may be tightly integrated into apparmor policy, a loosely coupled service that shares no information with AppArmor and only queries some AppArmor properties when doing its enforcement, or any reasonable combination in between.
# Basics of a Trusted Helper