Bug #9534
Tighten AppArmor policy
100%
Description
The results of our self-audit (Feature #8007) have lead to some fixes. Some are mostly ready in the topic branch, some need more thought and thus have dedicated subtasks.
Subtasks
| Bug #9533: Tighten Evince AppArmor policy | Rejected | 20 |
|||
| Bug #9756: Tighten AppArmor policy, phase 1 | Resolved | 100 |
|||
| Bug #10462: Automatically test our AppArmor policy vs. hard links | Rejected | 0 |
|||
| Bug #10463: Mention the hardlinks topic in our AppArmor design doc | Rejected | 0 |
|||
| Bug #10836: Investigate why the Tor Browser AppArmor profile allows starting Totem | Resolved | 100 |
|||
| Bug #11578: Totem AppArmor profile allows opening OTR private key | Resolved | 100 |
|||
| Feature #12125: Mount a tmpfs on /var/tmp, to mitigate the hardlinks permissions open by the user-tmp AppArmor abstraction | Resolved | 100 |
Related issues
|
Related to Tails - |
Resolved | ||
|
Related to Tails - |
Rejected | 2013-07-20 | |
| Related to Tails - Feature #10422: Grant Tor Browser access to files as designated by the user | Confirmed | 2018-08-30 |
History
#1 Updated by intrigeri 2015-06-04 16:05:59
- related to
Feature #8007: Self-audit our AppArmor profiles added
#2 Updated by intrigeri 2015-06-04 16:06:54
- Description updated
#3 Updated by intrigeri 2015-07-18 08:01:45
- Target version changed from Tails_1.5 to Tails_1.7
Let’s stabilize a subset of this (Bug #9756 and subtasks) and postpone the rest.
#4 Updated by intrigeri 2015-08-08 02:46:33
- Feature Branch deleted (
bugfix/8007-AppArmor-hardening)
#5 Updated by intrigeri 2015-10-05 13:23:34
- Target version changed from Tails_1.7 to 246
#6 Updated by sajolida 2015-11-27 04:46:03
- Target version changed from 246 to Tails_2.0
#7 Updated by intrigeri 2015-11-30 02:46:31
- Target version changed from Tails_2.0 to Tails_2.2
#8 Updated by intrigeri 2016-02-05 20:52:38
- Target version changed from Tails_2.2 to Tails_2.4
#9 Updated by intrigeri 2016-04-29 14:25:41
- Target version changed from Tails_2.4 to Tails_2.6
#10 Updated by intrigeri 2016-07-19 08:51:54
- Target version changed from Tails_2.6 to Tails_2.7
#11 Updated by intrigeri 2016-11-05 13:59:44
- Target version changed from Tails_2.7 to 284
#12 Updated by anonym 2016-11-25 10:57:17
- Target version changed from 284 to Tails 2.10
#13 Updated by intrigeri 2017-01-09 18:44:40
- Target version deleted (
Tails 2.10)
#14 Updated by intrigeri 2017-06-05 14:08:08
I’m less and less convinced that it’s the way to go: IMO our current AppArmor policy is close to achieve about the right balance between increasing safety, not being a PITA to maintain, and not affecting UX too negatively. For apps we would like to confine in a stricter way, I think AppArmor shall be complemented with other sandboxing technologies, such as Linux namespaces, as done by things like oz, snap, flatpak and various other sandboxing wrappers. So I would like us to take a step back and think about our goals here before I spend substantial time on this again.
#15 Updated by intrigeri 2017-06-05 14:14:29
- related to
Feature #6178: Evaluate current state of Linux namespaces added
#16 Updated by intrigeri 2018-08-18 09:18:04
- Assignee deleted (
intrigeri)
#17 Updated by Anonymous 2018-08-18 10:36:01
Let’s reevaluate this ticket in ~1 year then.
#18 Updated by Anonymous 2018-08-18 10:37:31
- related to Feature #10422: Grant Tor Browser access to files as designated by the user added
#19 Updated by intrigeri 2019-03-07 15:48:53
- Status changed from In Progress to Resolved
The most important bits were done years ago. I’ve unparented the remaining ones.