Application Confinement (DBus)

Registered by Marc Deslauriers on 2012-10-11

Continue implementation strategy for mediating DBus calls with AppArmor. Session not required-- work being carried over from previous sprints.

Blueprint information

Status:
Complete
Approver:
Jamie Strandboge
Priority:
High
Drafter:
John Johansen
Direction:
Approved
Assignee:
John Johansen
Definition:
Approved
Series goal:
Accepted for raring
Implementation:
Implemented
Milestone target:
milestone icon ubuntu-13.04
Started by
Jamie Strandboge on 2012-11-02
Completed by
Jamie Strandboge on 2013-03-28

Related branches

Sprints

(?)

Work Items

Work items:
[tyhicks] dbus - get apparmor parser, library, dbus into a ppa for quantal (high) (1): DONE
[tyhicks] dbus - get apparmor parser, library, dbus into a ppa for raring (high) (1): DONE
[jjohansen] dbus - get apparmor kernel into a ppa for quantal (high) (1): DONE
[jjohansen] dbus - get apparmor kernel into a ppa for raring (high) (1): DONE
[jjohansen] dbus - RFC/discussion (high) (2): DONE
[tyhicks] dbus - make dbus enforcement configurable via dbus configuration (high) (1): DONE
[tyhicks] kernel policy query interface (high) (5): DONE

Work items for later:
[jjohansen] userspace policy matching, userspace matching - libapparmor - deps (high) (4): POSTPONED
[jjohansen] userspace policy matching, unpack exported dfas - libapparmor - deps (high) (4): POSTPONED
[jjohansen] userspace policy matching, - libapparmor unit tests - deps (high) (2): POSTPONED
[tyhicks] dbus daemon, use userspace match - dbus - deps libaparmor userspace match (high) (2): POSTPONED
[tyhicks] userspace policy caching, use policy change notifications - libapparmor (medium) (2): POSTPONED
[tyhicks] userspace policy caching, caching of previous queries - libapparmor (medium) (3): POSTPONED
[tyhicks] userspace policy caching - libapparmor unit tests - deps (medium) (2): POSTPONED
[tyhicks] kernel policy change monitoring interface (high) (5): POSTPONED
[tyhicks] dbus daemon, read from new kernel interface - dbus - deps kernel policy change interface (high) (4): POSTPONED
[tyhicks] dbus daemon, policy updates based on signal - dbus - deps kernel policy change interface (medium) (2): POSTPONED
[tyhicks] upstream - dbus daemon, update dbus hooks - dbus (medium) (2): POSTPONED
[jjohansen] dbus daemon - message data matching - dbus (medium) (4): POSTPONED
[tyhicks] dbus - upstream (medium) (15): POSTPONED