OpenSUSE :: Create A Profile In Apparmor For Applications?
Apr 16, 2011Is recommended to create a profile in apparmor for applications like amule, firefox, thunderbird, amsn ....?
View 7 Replies
ADVERTISEMENT
Fedora Security :: Possible To Create Selinux Profile For Program Like With Apparmor?
Jan 15, 2011Is it possible to create a selinux profile for a program like with Apparmor?
View 4 Replies View RelatedDebian Configuration :: Apparmor Profile For Iceweasel?
Feb 2, 2014I'm trying to figure out Apparmor,in doing so I've seen that there are no pre-configured profiles for Iceweasel,but there are two for Firefox in /usr/share/doc/apparmor-profiles/extras/ : Will it work if I simply replace "iceweasel" for "firefox" and set those profiles to complain mode,just to see what will eventually happen? Is that too obvious?
View 9 Replies View RelatedUbuntu Security :: Set Up An Apparmor Profile For Firefox?
Apr 28, 2010Anyone set up an Apparmor profile for Firefox?
View 9 Replies View RelatedUbuntu Security :: No Firefox Profile In Apparmor?
Nov 15, 2010I'm trying to understand the Apparmor and would like to get FF profile from Bodhi.zazen [thank you],but I'm kinda new to Linux.Did lots of reading but missing one thing:
1.where is FF profile? I can't see any usr.lib.firefox-3.6.12
2. how do I do copy FF profile from Bodhi.zazen?
Ubuntu Security :: Enabling A New Profile In AppArmor?
Jun 18, 2011When I enable a new AppArmor profile that is not in the kernel, I've used this command:
Code:
apparmor_parser -r /path/to/profile
But when I recently read the manual for AppArmor, it says to use this command for new profiles:
Code:
apparmor_parser -a /path/to/profile
Have I done something wrong by using -r instead of -a?
Ubuntu Security :: Cannot Enforce Firefox 4.0 Apparmor Profile
Apr 29, 2011Since Ubuntu 9.10 I used:
"sudo apt-get install apparmor-profiles
sudo enforce firefox"
However in Lubuntu 11.04 the "sudo enforce firefox" command does no longer work. It looks like the enforce command is no longer recognised.
Ubuntu Security :: Apparmor Profile Deleted / Can't Get It Back
Jun 21, 2011i was trying to edit my firefox apparmor profile. I used aa-genprof, and accidentally closed the terminal before the program was finished. Firefox wouldn't load properly after that whenever it was enforced. I uninstalled and reinstalled the profiles, but it didn't help.Finally I deleted the files for the profile itself ... now it will not reinstall them..I marked all the apparmor packages for complete removal and then reinstalled them but it will not put the original firefox profile back in.
View 2 Replies View RelatedUbuntu Security :: Why Isn't Apparmor Firefox Profile Enabled By Default
Apr 25, 2010This page [URL] shows how to enable apparmor firefox profile. Why isnt apparmor firefox profile enabled by default? I would postulate that this would be because there must be some limitation by having the profile enabled. If so, what would the limitation be?
View 9 Replies View RelatedUbuntu Security :: Generic AppArmor Profile For Untrusted Application
Sep 3, 2010I've read and re-read everything I can find about AppArmor, to no avail. On the whole, AppArmor isn't for me. However, rather than give up on it completely, I have an idea: create a profile that I could use as a template for any untrusted application, with the aim of 1) blocking it from network access and 2) blocking it from installing other applications. I've got as far as creating an empty profile:
Code:
# Generic AppArmor Profile for UntrustedApplication
#include <tunables/global>
/usr/sbin/UntrustedApplication {
#include <abstractions/base> }
What do I need to add to make this profile 100% permissive, except for the two exceptions stated above?
Ubuntu Security :: Firefox Profile In Apparmor Skipped On Startup
Aug 9, 2011I have quiet splash disabled so I can see what boot processes are run on startup, and I notice that on every time I boot my computer the Firefox profile is skipped. Here's the message: Code: Skipping profile in /etc/ apparmor.d/disable: usr.bin.firefox,I checked /etc/apparmor.d/disable, and see that there is indeed a link to usr.bin.firefox. So I'm wondering how/why it got there. I haven't touched anything in AppArmor since my clean install of Natty.
View 6 Replies View RelatedUbuntu Security :: Use Lucid's Default Firefox AppArmor Profile For Swiftfox?
May 14, 2010But I couldn't find a modified version of it for Swiftfox anywhere, so I decided to modify it myself. But I'm not 100% sure that I did it correctly, so I thought I'd ask here.
Also, will Swiftfox 3.6.4 be able to use this same profile? I thought it might not because of the new "Out of process plugins" feature being added.
General :: Login MUCH Slower - Some Reference To AppArmor Profile - Screen Corruption ?
Jul 5, 2010I am new to linux but will try and be as precise as I can. I have a Dell Insp. 1545 with 3GB ram with 10.04_64
Problem: Rather out of the blue upon login, from the time of entering password to the desktop, is MUCH slower. I have no splash enabled and there is some reference to AppArmour profiles (it sits there at this apparmour reference , then sits trying to load desktop). However, I have never configured apparmor. Finally, on last login, there was some sort of screen corruption prior to getting to desktop.
Prior to all this i noticed that firefox "blinked" when I was using it, and then said that it needed to shutdown/restart for updates. I did notice at that time two of my previous tabs sortof acted oddly (moved around then disappeared).
I have no SSH/Server software etc activated.
I did change visudo so that sudo timeout shorter than it was. However that is the only modification to the system recently.
Ubuntu Security :: Migrate - Default "Simple Application" AppArmor Profile
Sep 6, 2010I'm a Windows user, but now trying to migrate to Ubuntu. I have read AppArmor Docs/FAQs, and very impressed with it's possibilities. But I'm still not sure, can I have a profile which is applied to all applications I run (not listed in other profiles)? That would be great to have a "Simple Application" default profile, with permissions, say, to read/write to app's folder and to display graphics/play sounds!
View 1 Replies View RelatedOpenSUSE Hardware :: Option To Configure/create New Image With Few Applications?
Jan 13, 2010I have installed opensuse 11.2 and then installed Kiwi-ltsp (Two network cards installed). Client system is booting from ltsp server using PXE boot method. But in client system full server is loaded. is there any option to configure/create new image with few applications (Openoffice and browser is enough)?
View 3 Replies View RelatedFedora Networking :: Unable To Create VPN Profile - F13 & KDE / Fix It?
Jul 23, 2010I have a fresh install of Fedora 13 64 bit. I am unable to create VPN profiles in network manager as a normal user.
To test: Logging in with gnome as root, I am able to create a VPN profile in Network Manager Logging in with KDE as root, I am not able to create a VPN profile in Network Connections.
Problem: Logging in as a normal user with KDE, I am not able to create a VPN profile in Network Connections. On the VPN tab, the Add... button is greyed out.
What is required to add VPN connections under KDE on Fedora 13?
General :: Create A New Firefox Profile In Solaris?
Dec 2, 2010I know the way to create a new firefox profile in Windows.
I want to create a new firefox profile in linux/solaris.
Ubuntu Multimedia :: Use The Default, Create A New Profile
Jan 18, 2010I was reading some threads this morning and saw mention of the envy script. I wondered if it would make a big difference in graphics (nothing was wrong just curious is all) and downloaded the script. I ran it and there was only one listing for an ATI driver. I installed it and upon reboot I a notification pops up in place of my desktop. It says something about having to use low-res. The thing is it won't even use low-res. I get a box with three choices on it. Use the default, create a new profile, ***something else I forget*** and none of these logs me into desktop.
I blindly checked through some of the boxes and saw some logs. I'm using my dual-boot to type this message. This is on my R51e that has an ATI X200M card. What do I do?
EDIT: So upon reading some threads it seems I will most likely have to reinstall the OS? Am I allowed to throw a temper tantrum here???
I implore anyone who knows how to remove that 8.66***some other numbers*** driver and go back to the default one! I don't think I'll be mucking around with these types of things again!
Networking :: Samba PDC - Client Machine Create New Profile When Server Down
Dec 14, 2010I have set samba domain. I am able to add win 7 and xp clients. All r working fine. But I have a doubt. If I shutdown the samba pdc server, I should be able to login the client machine with the same profile (which I had, when the samba pdc server was up). Now , if I shutdown the sambapdc, I am able to login the client machine, but new profile is being created. How to avoid this.
How to say to samba that the client machine should load the same profile which was created when the server was up and running. I do not want the client machines to create new a profile when the server is down bcoz in windows domain, when the windows domain is shutdown, the client machines are able to login with the same profile (the profile which was created when the domain was up). I wish to have same thing in samba pdc also.
General :: Create A Profile Settings And Network Drive Can Be Mapped Automatically When User Login?
Mar 26, 2010create a profile settings and network drive can be mapped automatically when user login to the (like Domain and active user profile on windows environment) Ubuntu systems?
View 1 Replies View RelatedOpenSUSE :: Set Up Novell Apparmor?
Feb 19, 2010Set up Novell Apparmor? how to do it.
View 2 Replies View RelatedOpenSUSE :: How To Protect Apparmor Itself
Jun 2, 2010recently I am interesting at apparmor, and I have read some docs of it, but I have a question that how to protect apparmor itself? I mean only if gained root privilege then stop apparmor service, all the protection will no longer effect, if I hiding or remove root user then how to remodify profiles if needed that because have not enough privilege.
Is there apparmor maillist? maybe you can email me: <email removed for obvious reasons>
OpenSUSE :: 11.3 Cannot Enable AppArmor?
Jul 18, 2010Here's my problem: Clean OpenSUSE 11.3 64 bit installation using default options into a Virtualbox virtual machine for pre-production testing. I want to check whether AppArmor is enabled, so I enter YaST -> AppArmor Control Panel.
This has a check box named 'Enable AppArmor' which is by default un-checked. I check this box, and then click 'Done'. This takes me back to YaST and I would assume AppArmor has now been enabled. However, when I return to AppArmor Control Panel the check box is deselected again.
OpenSUSE :: How Does Apparmor Block A Bad-program
Jun 10, 2010depending on reading some apparmor docs, I know that apparmor read logs to determine what profile a program will be, that means a profile only can be built when the program have been exec at least a time, or we already how will be executed of a specific program. but if a hack inserts a bad-program such as a back door or virus what should never be executed any time, and at the same time we don't know what's the consequence will happen due to the behaviors of a bad-program. therefore, how could apparmor do to prevent these situations? Can apparmor confine every thing what under a specific directory by default? because use: aa-autodep /path/to/restrict/* is 'complain' by default and everything are allowed, can apparmor deny everything by default?
View 2 Replies View RelatedOpenSUSE :: APParmor Email Alerting?
Mar 16, 2011Email alerting from Apparmor profile to gmail is possible, but email cannot be forwarded to other email address
View 1 Replies View RelatedOpenSUSE :: How To Recompiel The Apparmor Module
Sep 10, 2011In case this is a thread in the wrong section please move it to the right one. Following situation applies.I am using openSUSE 11.1 with modified kernel. Code:# uname -aLinux linux-2c5j 3.0.4-41-desktop #1 SMP PREEMPT Sun Sep 4 18:51:01 CEST 2011 i686 i686 i386 GNU/Linux The compilation did run flawlessly with the SAKC script.However the module apparmor does not load. Infact:Code:# modprobe apparmorFATAL: Module apparmor not found. I understand that I have to recompile the module, right? There I have the first question: wasn't the apparmor module accepted into the kernel (and therefore should be already compiled and available with the normal kernel compile)? Or is this wrong. How can I recompile the apparmor module for my new kernel.
View 1 Replies View RelatedOpenSUSE Install :: Particular App Listed As Apparmor?
Mar 24, 2010Is there a particular app listed as apparmor, or is it a series of separate programs that act as a whole? if the latter, which programs are these. i just got really lucky with my installation of 11.2, and I'm trying to confirm my success.
View 9 Replies View RelatedOpenSUSE :: AppArmor With SSHD Make Sense?
Jun 30, 2011Does it make sense to run sshd confined/protected by apparmor? I get tons of attack/hack attempts on my ssh port daily, I created a white list on my firewall to specify the IP addresses that can ssh into my network. I was also thinking of activating the sshd profile in apparmor for some added protection?
View 5 Replies View RelatedFedora :: Share Default Profile File By NIS Not Have To Setup Profile In Every NIS Clients?
Jul 28, 2010How do I share default profile file by NIS so that I do not have to setup profile in every NIS clients?
View 3 Replies View RelatedOpenSUSE :: Can Apparmor Block Execute Any Program In A Specific Dir
Jun 10, 2010prohibit execution of any program include shell command, only be profiled program could be executed, can apparmor do that?
View 5 Replies View Related