Nov 3 – 5, 2023
Riga, Latvia
Europe/Riga timezone

Building the largest working set of apparmor profiles

Nov 4, 2023, 2:30 PM
25m
Lambda – Talks (Radisson Blu Latvija)

Lambda – Talks

Radisson Blu Latvija

3
Talk (25 Minutes) Security

Speaker

Alexandre Pujol

Description

This talk tells the story of how we build the largest working set of apparmor profiles. The default set of apparmor profiles in Linux is small. It makes Apparmor less useful to prevent thread. apparmor.d is a work in progress project that aims to provide a full set of profiles tailored for all major Linux distributions: Debian, Ubuntu, OpenSUSE, Archlinux and Ubuntu Core. It includes over 1400 profiles; together, they ensure that most Linux processes remain confined. In this talk, we will be going over the main challenges we faced while working on these profiles. The security architecture of the profiles. How did we select the program to confine and why? As there are over 50000 Linux packages, we need to carefully select the profiles to write. How we use integration testing that uses Go, some VM and hundreds of both manually created and automatically generated tests to ensure the profiles do not break your setup. The profiles, tooling and documentation for the project has been published at https://github.com/roddhjav/apparmor.d

Session author's bio

Alexandre Pujol is a French security researcher at The Collaboratory @TUDublin. He is is graduated from a PhD Student in computer security & privacy in University College Dublin, Ireland. His area of work includes user privacy, secret management, and system security. He is the author of multiple password extensions such as pass-tomb and pass-import as well as the maintainer of apparmor.d, a large repository of apparmor profiles.

Social Media https://twitter.com/roddhjav
Level of Difficulty Intermediate

Presentation materials