Labels Milestones

Add AppArmor profiles #303

Manually merged

jwinterm merged 1 commits from asymptotically/wownero:apparmor into master 4 years ago

Conversation 2 Commits 1 Files Changed 2

asymptotically commented 4 years ago

Add AppArmor profiles to lock down daemon and cli wallet.

To test:

• Ensure AppArmor, and default profiles containing abstractions/tunables are installed.
• Copy files to /etc/apparmor.d/.
• Run sudo aa-complain wownerod wownero-wallet-cli to log infractions or sudo aa-enforce wownerod wownero-wallet-cli to block.
• Start daemon and wallet.
• Send some WOWs and have some fun.
• Observe audit log (Messages appended to /var/log/syslog on my system. May be /var/log/audit.log or /var/log/audit/audit.log on others).
• Pray to the big shibe in the sky that nothing is logged.

Add AppArmor profiles to lock down daemon and cli wallet. To test: * Ensure AppArmor, and default profiles containing abstractions/tunables are installed. * Copy files to /etc/apparmor.d/. * Run `sudo aa-complain wownerod wownero-wallet-cli` to log infractions or `sudo aa-enforce wownerod wownero-wallet-cli` to block. * Start daemon and wallet. * Send some WOWs and have some fun. * Observe audit log (Messages appended to `/var/log/syslog` on my system. May be `/var/log/audit.log` or `/var/log/audit/audit.log` on others). * Pray to the big shibe in the sky that nothing is logged.

asymptotically added 1 commit 4 years ago

9cc1a1ad48

utils: Add AppArmor profiles ...

Add AppArmor profiles to lock down daemon and cli wallet.

wowario commented 4 years ago

Owner

@asymptotically would this cause problems for android apps?

@asymptotically would this cause problems for android apps?

jwinterm referenced this issue from a commit 4 years ago

Merge pull request 'Add AppArmor profiles' (#303) from asymptotically/wownero:apparmor into master

jwinterm merged commit 83a26b1291 into master manually 4 years ago

asymptotically deleted branch apparmor 4 years ago

asymptotically commented 4 years ago

Poster

@asymptotically would this cause problems for android apps?

Probably. Android apps are already sandboxed so I think they only use AA for system services.

> @asymptotically would this cause problems for android apps? Probably. Android apps are already sandboxed so I think they only use AA for system services.

continuous-integration/drone/pr Build is passing

Details

The pull request has been manually merged as 83a26b1291.

Sign in to join this conversation.

Reviewers

Request review

No reviewers

Labels

Apply labels

Clear labels

V0.11 bug
Something isn't working duplicate
This issue or pull request already exists enhancement
New feature or request good first issue
Good for newcomers help wanted
Extra attention is needed invalid
This doesn't seem right macOS question
Further information is requested wontfix
This will not be worked on

No Label V0.11 bug duplicate enhancement good first issue help wanted invalid macOS question wontfix

Milestone

Set milestone

Clear milestone

No items

No Milestone

Assignees

Assign users

Clear assignees

No Assignees

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: wownero/wownero#303

Write Preview

Loading…

Cancel

Save

There is no content yet.