AppArmor abstractions cleanup

Registered by Jamie Strandboge on 2009-11-09

Discuss what is expected from each abstraction and how they can be improved. Will include going through the abstractions as shipped in the apparmor package.

Blueprint information

Status:
Complete
Approver:
Robbie Williamson
Priority:
High
Drafter:
Jamie Strandboge
Direction:
Approved
Assignee:
Jamie Strandboge
Definition:
Approved
Series goal:
Accepted for lucid
Implementation:
Implemented
Milestone target:
None
Started by
Jamie Strandboge on 2010-03-08
Completed by
Jamie Strandboge on 2010-03-08

Related branches

Sprints

Whiteboard

jdstrand feedback: for now distro abstractions are fine with the distro-* convention. No real reason to change. Preferred applications are broken out into different abstractions, e.g. ubuntu-email and ubuntu-media-players

Work items:
investigate creating directories for distro abstractions: DONE
move common rules to abstractions: DONE

Gobby notes:
AppArmor abstractions

Abstraction Intent
- originally was high level grouping of common permissions across applications
- there was a second dir "program_chunks" for individual program permission
  grouping, e.g. Acroread permissions for firefox
- dropped program chunks folded into abstractions

New abstractions
 - can include a directory, or perhaps extend to include a file if it exists
 - ubuntu-browsers
   - can use tunables, and append values by dropping in new files
     - problem: need to have packages drop in a file to update
     - harder to read than just a listing of names
   - dealing with preferred applications
     - ubuntu_helpers
 - have an abstractions/ubuntu.d directory where we put things like ubuntu-browsers, etc
 - ubuntu-desktop, kubuntu-desktop may be worthwhile
 - proc abstraction (to base probably)
 - need to do a large cross profile analysis

Abstractions Review
- firefox profile abstractions
 - /etc/sounds -> audio
 - dbus-launch? maybe a child profile?
 - sys_ptrace (needed because of /proc fd files) -- clean up with kernel and userspace
 - owner for firefox .mozilla stuff (and other)
 - gnome abstraction has 'mounts', remove from firefox
 - clean up $HOME/** redundancies
 - /media, /mnt, /srv: r without owner, rw with owner
 - owner for per-user common plugin
 - user-tmp should break out read with owner write (but see what breaks)
 - m implies r
 - try to see if we can move from Uxr to ixr
 - use media players
- evince
 - use /**/*.[bB][mM][pP] r, (don't do this, it is larger)
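How the pieces sketched in the notes above fit together (a directory include inside an abstraction, a tunable that other packages extend by appending to it from a drop-in file, and owner-qualified rules for per-user and shared locations), as an added example that is not part of the blueprint or of the apparmor package. Every file name, path and variable below is hypothetical; the real ubuntu-browsers abstraction and firefox profile are laid out differently.

```apparmor
# Added example, not shipped by the apparmor package. Illustrative only.

# --- tunables/browsers (hypothetical file) ---
# A variable that other packages may extend; the directory include picks
# up any drop-in file placed in tunables/browsers.d/ without editing this file.
@{BROWSER_PLUGIN_DIRS}=/usr/lib/mozilla/plugins/
#include <tunables/browsers.d>

# --- tunables/browsers.d/example-plugin (hypothetical drop-in from a plugin package) ---
# Append rather than redefine, so several packages can each add their own directory.
@{BROWSER_PLUGIN_DIRS}+=/usr/lib/example-plugin/

# --- abstractions/ubuntu-browsers (hypothetical file) ---
# Rules common to every confined browser. Plugin directories come from the tunable,
# and the directory include lets packages contribute rule fragments of their own.
  @{BROWSER_PLUGIN_DIRS}/** mr,
  #include <abstractions/ubuntu-browsers.d>

# --- abstractions/ubuntu-browsers.d/example-helper (hypothetical drop-in) ---
# Helpers run inheriting the browser's confinement (ixr) rather than
# unconfined (Uxr), as the review above suggests.
  /usr/lib/example-helper/open-url ixr,

# --- the profile itself (hypothetical browser path) ---
#include <tunables/global>
#include <tunables/browsers>

/usr/lib/example-browser/example-browser {
  #include <abstractions/base>
  #include <abstractions/audio>
  #include <abstractions/ubuntu-browsers>

  # Per-user state: only the file owner may write.
  owner @{HOME}/.example-browser/** rw,

  # Removable and shared locations: readable by everyone,
  # writable only for files the user owns.
  /media/** r,
  /mnt/** r,
  /srv/** r,
  owner /media/** rw,
  owner /mnt/** rw,
  owner /srv/** rw,

  # Scratch space: broad read, owner-only write.
  /tmp/ r,
  owner /tmp/** rw,
}
```

The point of the split is that a profile never has to be edited when a new plugin or helper package appears: the package drops one file into tunables/browsers.d/ or abstractions/ubuntu-browsers.d/ and the next policy reload picks it up, at the cost the notes mention of the effective rule set no longer being visible in a single file.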

(?)

Work Items
