:: Re: [DNG] KUserFeedback
トップ ページ
このメッセージを削除
このメッセージに返信
著者: tito
日付:  
To: dng
題目: Re: [DNG] KUserFeedback
On Sun, 5 Sep 2021 13:25:58 +0200
Antony Stone <Antony.Stone@???> wrote:

> On Sunday 05 September 2021 at 12:54:01, tito via Dng wrote:
>
> > On Sun, 05 Sep 2021 10:18:15 +0000 g4sra wrote:
> > >
> > > How is Apparmor abusive ?
> >
> > I'm not very fond of apparmor for various reasons:
> >
> > 1) I experienced unexpected behavior of programs
> >       silently failing to do something (log, run, etc)
> >       because the apparmor profile was wrong/bugged

> >
> > 2) unless you study every code path in the program you want to
> >     supervise the profiles used will not be safe but nobody really cares
> >      (e.g. maintainer adds a profile that works with the default setup
> >      of the distro (....if it really works))

> >
> > 3) if you use a customized setup of services or other programs
> >       it is highly probable that the profiles will not work for you

>
> So, a bad configuration doesn't work as you would like. No surprise there,
> really.


> > Summary:
> >        apparmor gets in the way of doing stuff...

>
> You can say the same about network firewalls (or almost any security measure,
> in fact). Security is seldom aligned with convenience.

Hi,
Yes and this makes security lucrative and unquestionable.

> However, just as many people would not want to operate systems without a
> network firewall, and are prepared to configure it correctly for their needs, I


All ports by default are in CLOSED state so the default is safe unless
you want to run a service on a port and control or filter access to that service
through this port. You don't need a watchdog by default to check if
the ports are closed. This is security by design.

> think apparmor has a valuable place in enforcing security within one system;
> the price is that the system admin has to tell it to do the right job.


The "right job" as I understand it is to let program apparmor tell program xyz
to do what it is allowed to do, which program xyz already knows as it is
written in his code.
Could program xyz be subverted to do things that are not written in his
code or are unwanted then better fix xyz rather than add more code as
watchdog.

Ciao,
Tito
>
> Antony.
>