[apparmor] [Tails-dev] AppArmor profiles in Debian
Robert Ransom
rransom.8774 at gmail.com
Thu Feb 16 21:52:47 UTC 2012
On 2012-02-15, intrigeri <intrigeri at boum.org> wrote:
>>> 2. some software that is particularly important in the context of
>>> Tails [0]: I'm mainly thinking of Tor, but GnuPG and icedove also
>>> come to mind.
>
>> What did you have in mind for GPG? Protecting it from itself is a bit
>> tricky. :)
>
> I don't intend to protect GnuPG from itself.
> By design, GnuPG handles much untrusted data.
> I would like to protect the rest of the system from GnuPG.
> Does it make sense, or did I miss something obvious?
> (I'm pretty new in this landscape, so it would not surprise me if I had.)
During normal operation, GnuPG is intended to read the user's secret
keyring and open and use network connections. In some cases, GPG is
intended to do both in the same execution (e.g. decrypting a
public-key-encrypted message, then verifying a signature containing a
keyserver URL).
The consequences of GPG being compromised are so severe that I don't
see a benefit in trying to protect the surrounding system from a
compromised GPG process.
Robert Ransom
More information about the AppArmor
mailing list