Main Inclusion Report for apparmor
Requirements
Availability: http://archive.ubuntu.com/ubuntu/pool/universe/a/apparmor/; available for i386, amd64, ppc, ppc64.
Rationale:
[http://en.opensuse.org/Apparmor AppArmor] proactively protects the system from security threats, both internal and external. It confines applications so that they can only access the resources they are intended to access. In this way the system is protected against both known and unknown threats.
- For each application we want to protect or harden, a security profile is created. The profile describes which files or devices the application is allowed to read, write and/or execute.
Security:
[http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=apparmor CVE entries]: None
[http://secunia.com/search/?search=apparmor Secunia history]:
[http://secunia.com/advisories/21179/ Suse kernel update]
All management scripts (written in Perl) have to run as root, because they access information in /sys/kernel/security/apparmor/. There is also a module loaded into the kernel. AppArmor comes with a daemon, 'aa-eventd', that scans log files to extract AppArmor audit messages and puts them into an SQLite database for later analysis. It is not started by default.
- Network activity: None.
- Source code review:
- kernel module: No.
- User space utilities: I've improved some management scripts, so I've looked at the code a little bit.
Quality assurance:
- In what situations does the package not work out of the box without configuration ?
- All the profiles are in complain mode by default, so no improved security is provided out of the box. The user has to put the profiles into enforce mode via the command line. This is done to avoid breaking users' systems, since the profiles are not well tested yet. In the long term, profiles should be shipped in enforce mode by default to provide additional security out of the box.
- The AppArmor kernel module is not included in the kernel. It requires manual compilation using module-assistant. AppArmor stops working when the kernel is updated but the user has not recompiled the AppArmor module.
- Does the package ask any debconf questions higher than priority 'medium' ? No.
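As an added example that is not part of this report, the script below checks which profiles are still in complain mode (the out-of-the-box state described above) and shows what switching a profile text to enforce mode amounts to. It assumes the kernel exports one "profile_name (mode)" line per profile in /sys/kernel/security/apparmor/profiles and that complain mode is recorded on disk as "flags=(complain)" in the profile header; the profile listing and profile body are constructed samples.

```shell
# Added example, not part of the original report. Assumptions: the kernel
# exports one "profile_name (mode)" line per profile in
# /sys/kernel/security/apparmor/profiles, and complain mode is recorded on
# disk as "flags=(complain)" in the profile header.

# Constructed sample of the kernel's profile listing.
SAMPLE_PROFILES='/usr/sbin/cupsd (complain)
/usr/sbin/ntpd (complain)
/sbin/klogd (enforce)'

# Constructed sample profile as it would appear under /etc/apparmor.d:
# the header carries the mode flag, the body lists permitted paths.
SAMPLE_PROFILE='/usr/sbin/ntpd flags=(complain) {
  /etc/ntp.conf r,
  /var/lib/ntp/ntp.drift rw,
  /usr/sbin/ntpd mr,
}'

# complain_profiles: from a listing on stdin, print names in complain mode,
# i.e. profiles that only log violations and enforce nothing.
complain_profiles() {
    sed -n 's/^\(.*\) (complain)$/\1/p'
}

# count_complain: number of complain-mode profiles in a listing string.
count_complain() {
    printf '%s\n' "$1" | complain_profiles | wc -l | tr -d ' '
}

# profile_mode: print "complain" or "enforce" for a profile text on stdin.
profile_mode() {
    if head -n 1 | grep -q 'flags=(complain)'; then
        echo complain
    else
        echo enforce
    fi
}

# to_enforce: drop the complain flag from the header (text edit only;
# the real aa-enforce tool also reloads the profile with apparmor_parser).
to_enforce() {
    sed '1s/ flags=(complain)//'
}

# Live usage (root, kernel module loaded):
#   complain_profiles < /sys/kernel/security/apparmor/profiles
```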
AppArmor is not packaged in Debian. A request was made ([http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=347558 RFP: apparmor -- an application security framework for high security and easy usability]), but the bug was closed.
[http://en.opensuse.org/Apparmor Upstream] is vigorous. It is backed by Novell and included in SLES/SUSE Linux/openSUSE.
[https://bugzilla.novell.com/ Upstream bug tracker]: Classification: opensuse, Component AppArmor
- Hardware: No
Standards compliance:
[http://www.pathname.com/fhs/ FHS], [http://www.de.debian.org/doc/debian-policy/ Debian Policy] compliance : Yes
[http://www.netfort.gr.jp/~dancer/column/libpkg-guide/libpkg-guide.html Debian library packaging guide] standards compliance: No library.
- Packaging system (debhelper/cdbs/dbs) : debhelper
- Patch system: dpatch.
Dependencies:
- in main:
- perl
- libc6
- upstart-compat-sysv
- in universe:
- libtimedate-perl
- libdbd-sqlite3-perl
- libfile-tail-perl
- liblocale-gettext-perl
All the packages in universe are required only to make aa-eventd work; aa-eventd is not required for the AppArmor framework itself. It is used to dump the audit log into an SQLite database, which is then read by reporting tools (currently only by YaST, which is not packaged). Currently audit messages are logged to syslog. In the long term, the audit daemon is planned to be used. See [https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/116921 aa-eventd dependencies missing (from apparmor-utils)] and AppArmorGutsy.
Background information:
What does upstream call this software: AppArmor.
- Has it had different names in the past: It is now part of Novell/SUSE. It started at Immunix under the name SubDomain (the code still has some references to subdomain).
Reviewers
MainInclusionReportApparmor (last edited 2008-08-06 16:20:53 by localhost)