Application Confinement (Environment Filtering)

Registered by Marc Deslauriers

Continue implementation strategy for properly filtering the environment when restricting processes with AppArmor. Session not required-- work being carried over from previous sprints.

Blueprint information

Status:
Not started
Approver:
Jamie Strandboge
Priority:
High
Drafter:
John Johansen
Direction:
Approved
Assignee:
John Johansen
Definition:
Approved
Series goal:
None
Implementation:
Deferred
Milestone target:
None

Related branches

Sprints

Whiteboard

Work items pulled from http://wiki.apparmor.net/index.php/DevelopmentRoadmap

jdstrand, 2013-04-10> Retargeted from raring to s-series
jdstrand, 2013-04-10> tentatively targeted for July
jdstrand, 2013-08-01> retargeted from saucy to t-series (13.10 focuses on SDK apps and they won't need environment filtering. Converged device will)
jdstrand, 2013-11-26> retargeted for u-series (14.04 for Phone and Tablet focuses on SDK apps and they won't need environment filtering. Converged device will)

(?)

Work Items

Work items for ubuntu-13.10:
[jjohansen] env filtering stage 1, whole var matching - upstream (medium) (3): POSTPONED
[jjohansen] env filtering stage 1, whole var matching - kernel (high) (3): INPROGRESS
[jjohansen] env filtering stage 1, whole var matching - parser (high) (1): INPROGRESS
[jjohansen] env filtering stage 1, whole var matching - parser tests (high) (1): INPROGRESS
[jjohansen] env filtering stage 1, whole var matching - regression tests (high) (2): INPROGRESS
[jdstrand] env filtering stage 1, whole var matching - update documentation/man pages (low) (1): POSTPONED
[jjohansen] env filtering stage 2, whole var filtering - upstream (medium) (3): POSTPONED
[jjohansen] env filtering stage 2, whole var filtering - kernel (high) (2): POSTPONED
[jjohansen] env filtering stage 2, whole var filtering - parser (high) (1): POSTPONED
[jjohansen] env filtering stage 2, whole var filtering - parser tests (high) (0.5): POSTPONED
[jjohansen] env filtering stage 2, whole var filtering - regression tests (high) (1): POSTPONED
[jdstrand] env filtering stage 2, whole var filtering - update documentation/man pages (low) (0.5): POSTPONED

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.