OpenSUSE :: Can Apparmor Block Execute Any Program In A Specific Dir
Jun 10, 2010
Prohibit execution of any program, including shell commands, so that only profiled programs can be executed: can AppArmor do that?
From reading some AppArmor docs, I know that AppArmor reads logs to determine what a program's profile will be. That means a profile can only be built once the program has been executed at least once, or when we already know how a specific program will be executed. But what if a hacker inserts a bad program, such as a back door or virus, that should never be executed at any time, and we don't know what the consequences of the bad program's behavior will be? How can AppArmor prevent these situations? Can AppArmor confine everything under a specific directory by default? Using aa-autodep /path/to/restrict/* puts profiles in 'complain' mode by default and everything is allowed; can AppArmor deny everything by default?
I've been given one of these ubiquitous usb-sleep buttons which is basically a supersimple usb-keyboard. It's a big button that sends a SLEEP keypress to the computer when you slam it. But that is pretty boring. I'd love to remap it to do something more fun but I can't figure out how to bind to only the sleep press from the button and not from my ordinary keyboard.
The button identifies as
Bus 001 Device 035: ID 1130:600d Tenx Technology, Inc.
I'd like to know if there's either
a way of mapping a key from a specific keyboard to an action OR a way of remapping the sleep key from a specific keyboard to a new key-code or something like that.
I have problems getting it to work. I have tried to use pm-utils, but it does nothing.
What I need is to kill an application when the PC is going into suspend to RAM and run that application again on wake. It's a graphical application.
I'm trying to configure our mail server to block email from a specific sender reaching a specific recipient. In other words, if one of our employees is getting harassed by a 'stalker', how would one go about blocking, at the MTA (Sendmail) level, a specific sender email address from reaching a particular user's inbox? We do not want to capture the email - simply block it before it consumes server resources. The Sendmail server (MTA) is a front end to our Exchange server so no user accounts exist on the Linux server. We simply use it as a SPAM and Virus scanner then forward clean email to the Exchange server.
Perhaps it is my misinterpretation of AppArmor, how can it be configured to restrict TCP or UDP traffic to/from specific ports?
The profile "abstractions/nameservice", under the section "# TCP/UDP network access", doesn't seem to lock the application to port 53. What am I missing? Restriction to specific ports is something that systrace can do so I'd expect nothing less from AppArmor.
I have a program that generates large amounts of apparmor log messages. I'm happy to enforce restrictions on the program but I really don't want it to fill my log with messages every time it attempts to read a file.
Is there a way to let it enforce restrictions but not log denials?
Is it possible to create a selinux profile for a program like with Apparmor?
Create a file. Change its permissions at a specific time. Change the permission.
At the moment this is what I have and it changes the permissions of the file but not according to the time specified.
I've noticed in my Apache logs a lot of hits to a specific URL on my server. The thing is, the URL is invalid and returns a 404. Every hit has a different Agent ID (things like Windows NT 4 and IE 8, Mac OS and Safari, Windows 7 and Mozilla, etc) and usually a slightly different IP address. If you browse the URL with Chrome/Firefox, it gets reported as potential phishing activity - despite it only returning a 404 error.
I blocked a range of IPs with IPTables which worked for a while, but I can see the IP address has changed again (outside of the range I set) and is generating logs again.
Is it possible to automatically block any IP attempting to access this specific URL?
How to block a specific MAC address
How to block unwanted sites.
I have a headless server and I'd like to add a physical button that when pressed would execute a specific command. Is there such a device?
In Iran there is a famous "access denied page" that redirects you to a strange page with a lot of HTML errors and lol, telling you RTFM about ridiculous Internet laws. I want to filter the contents of the page, because the page IP, URL, ... are all unknown. I don't know much about squid configuration scripts. I can read but cannot write.
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. I had wrongly assumed that any port NOT specifically listed in one's firewall rules (CentOS 5 with default iptables installation) would be blocked. I thought you had to add a rule to /etc/sysconfig/iptables in order to open up a port. Apparently this is NOT the case. So is it true that if I install some random software that starts listening on any number of ports that I have not specifically mentioned in /etc/sysconfig/iptables that it will not be blocked - it will work right away?
Anyway, I guess two questions:
1) What's a generic way to block a specific port? I use rules like this to "open" ports (although is this not needed if they're open anyway?)
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
What's the analog of this kind of rule to *block* a port?
2) Is there a better way to configure iptables to block all ports that are not mentioned in its configuration? Is that dangerous? (will it block things that I don't want to block?)
I run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user. I use proftpd. I would like to prevent the SSH access for this user and leave the FTP working for this specific user. In /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.
I'm trying to block specific websites, preferably using a portion of the url.
For example, if blocking [url], [url] would also be blocked. This implies that simply blocking a single IP using iptables would not work well.
The names to block will be somewhat dynamic, so a list specification would be ideal.
In my case, the LAN has a mix of linux and ms machines, and they all use a linux gateway currently running dnsmasq.
I find suggestions from using /etc/hosts (might work with yp, but not ideal) on the gateway machine, through to using squid on the gateway machine.
I was taking a peek at the active connections shown by the Firestarter GUI and noticed the following (the source is my computer):
Source         Destination    Port  Service  Program
192.168.0.112  66.235.133.42  80    HTTP
I closed all Internet related apps and the connection persisted. After a reboot it did not reconnect (yet). The IP address appears to belong to esomniture.com - some sort of web analytics company. How do I prevent my computer from connecting to these rascals? I have found a lot of documentation regarding stopping inbound connections to services on my computer but not the other way. I have various filtering addons installed in Firefox; however, this connection seems to be at a lower level as no program is specified as being responsible for the connection.
What I want to do is, from a file having blocks like
<event>
8 3 0.2685416E-02
2 -1 0
21 -1 0
[code]...
The first line after the "<event>" is its process-id, so I would like to have at the end a summary of how many "event" blocks I have for each type, i.e. how many
6 1 0.2685416E-02
or how many
7 2 0.2685416E-02
etc etc
I do not know in advance how many different kinds of block I will have, so it has to be a bit smart to scan the file and make a new "summary" info for each unique type. I was using something like
awk '/<event>/,/</event>/{if ($3 -eq 0.2685416E-02 ) { print $1" "$2" "$3}}' file > out
and then
grep -c "$1" "$2" "$3" but with no success since my awk commands prints all lines of each block
Suppose, that in advance I do know the $3, ie the 0.2685416E-02 which is a kind of weight
I have a file with two fields of numbers that I want to use as input for another program.
Code:
The above code does not work, as I think it would take the whole first and second fields as the input for one particular instance of the program 'inputbashangle'. What I want is to get the first two numbers from the first line of the file 'outfailtest', execute 'inputbashangle' with them, then move on to the first two numbers of the second line for all the lines of 'outfailtest'.
I'm trying to allow a specific group on my machine to execute one command with sudo without requiring a password, so what I want to do is add something like this to sudoers:
%groupName ALL = (ALL) NOPASSWD: /bin/bash /path/to/shfile.sh argument1 argument2
argument1 needs to be a url : http://subdomain1.subdomain2.domain.com
argument2 needs to be a path of the form /var/www/demo/SomeFolder/application/config/config.php
How do I put this in a regex form that sudoers will understand? I tried reading the sudoers manual, but it didn't help a lot.
I want to record an internet radio station starting at 2:00am tomorrow morning. The specific program on the radio station lasts until 6:00am. The command I need to run to record the station is:
Code:
mplayer http://wjcu.jcu.edu:8001/listen.pls -ao pcm:file=indie_heat_of_the_night.wav -vc dummy -vo null
I'd use cron, but 1. I'm not sure how to and 2. it seems unnecessarily complicated for something that I only want to run once. If cron is the only/easiest solution, I guess I'll just have to resort to that, but I'd rather not.
Consider a situation in which you want to display only specific lines of contents from a file or of a command's output. Yes, we have head and tail commands. But, how to view all the lines of a file except the last one or vice versa when we don't know the count of lines in advance?
Consider this output:
Code:
[root@localhost ~]# ps au | grep bash
root 6316 0.0 0.0 4672 1440 tty1 Ss+ Apr22 0:02 -bash
root 20847 0.2 0.0 4672 1432 pts/0 Ss Apr23 0:12 -bash
root 21167 0.0 0.0 3920 660 pts/0 S+ 01:00 0:00 grep bash
Here, I don't want the last line (in italic) to be included in the result since the last line is due to "grep bash" in the devised command "ps au | grep bash". Well, we can rewrite the devised command:
Quote:
"ps au | grep bash | head -n 2"
But, again, here we are specifying the count of lines to be included. But, in the presented problem we don't know any count in advance!
Set up Novell AppArmor? How to do it.
Recently I have become interested in AppArmor, and I have read some docs on it, but I have a question: how to protect AppArmor itself? I mean, if someone only gains root privilege and then stops the AppArmor service, all the protection will no longer be in effect. If I hide or remove the root user, then how do I modify profiles again if needed, since I would not have enough privilege?
Is there an AppArmor mailing list? Maybe you can email me: <email removed for obvious reasons>
Here's my problem: Clean OpenSUSE 11.3 64 bit installation using default options into a Virtualbox virtual machine for pre-production testing. I want to check whether AppArmor is enabled, so I enter YaST -> AppArmor Control Panel.
This has a check box named 'Enable AppArmor' which is by default un-checked. I check this box, and then click 'Done'. This takes me back to YaST and I would assume AppArmor has now been enabled. However, when I return to AppArmor Control Panel the check box is deselected again.
I was wondering if it was possible to execute a program from RAM, like having the file data in a bash script variable and then running it.
Something like this:
ls=`cat ls`
$ls
So is it possible to run a program without touching the hard disk and without creating tmpfs or ramfs (it would need to be standard user privileges).
Email alerting from Apparmor profile to gmail is possible, but email cannot be forwarded to other email address
In case this is a thread in the wrong section please move it to the right one. The following situation applies. I am using openSUSE 11.1 with a modified kernel.
Code:
# uname -a
Linux linux-2c5j 3.0.4-41-desktop #1 SMP PREEMPT Sun Sep 4 18:51:01 CEST 2011 i686 i686 i386 GNU/Linux
The compilation did run flawlessly with the SAKC script. However, the module apparmor does not load. In fact:
Code:
# modprobe apparmor
FATAL: Module apparmor not found.
I understand that I have to recompile the module, right? There I have the first question: wasn't the apparmor module accepted into the kernel (and therefore should be already compiled and available with the normal kernel compile)? Or is this wrong? How can I recompile the apparmor module for my new kernel?
Is there a particular app listed as AppArmor, or is it a series of separate programs that act as a whole? If the latter, which programs are these? I just got really lucky with my installation of 11.2, and I'm trying to confirm my success.