[apparmor] some urgent questions
alexofen at gmail.com
Sun Feb 13 15:13:09 UTC 2011
Hi everybody and people enthusiastic about system security,
let me right away "beg your pardon" for directly asking some questions.
This is because I have NOT found some conclusive answers by browsing the
archives.
ANY help and comment and hint is appreciated.
(1) Concurrency vulnerability and AppArmor (AA)?
-> In your opinion, is AA safe against vulnerabilities arising from execution
concurrency in multiprocessor environments?
www.cl.cam.ac.uk/teaching/0809/Security/*concurrency*.pdf - gives a good
introduction to this tread.
(2) What is the deal with the complain (I), enforced (II),
"not-yet-enabled" (III) states an executable can be in?
So to say a root executed executable not having a profile is allowed
everything, right?
I am sorry for this stupid question, but as I understand AA is not built
according to the
"everything that is not explicitly allowed is forbidden" but rather
"everything that is not explicitly forbidden is allowed", true?
(3) Paranoia: do you think the LSM /security part of the Linux kernel is
"watched" and regularly audited to not
have an NSA, secret service backdoor? This more general is a concern I am
not having any idea to address because
only by being "open" the source does not mandatorily need to have some
people with "good intentions" watching/checking it?
Actually I expect most code not to be audited and feel at loss to the
"volume" making it impossible to check it myself.
any suggestions here?
(4) The AppArmor in Ubuntu 10.10 regular install and its profiles are not
"very developed", right?
Maybe somebody can comment on this, it would help me evaluate if what I see
on an ordinary Ubuntu install is already safe?
I actually do not think so as I would doubt the distributors sacrificed
"problem-free-deployment-distro" for less safe. Hence
not very harsh rules to not risk "problems". Any comment would help
Best regards
Alexander