Ubuntu – How to create a default fallback profile for any process that doesn’t have one in AppArmor

apparmor, security

Is there a way to specify a default profile on any executable that doesn't have a profile already defined?

The idea is to avoid any unconstrained processes.

Best Answer

According to the mailing list, there could be a way to generate such a default profile in this way:

profile default /** {
  #insert default profile rules here
}

Sources: "Generate a default/fallback profile? No blacklisting" and the responses that follow.

Note that "Currently setting a default profile that applies to the whole system from boot is a bit of a pain but we do have plans to improve that. Unfortunately there is enough other work happen that I don't see it happen soon." from John Johansen's response here.
Anyone interested is requested to read the thread in its entirety.
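
A way to measure the goal stated in the question, for instance before and after loading a fallback profile like the one above: list every process that is not running under an enforcing profile. This is an added example, not part of the original answer or the mailing-list thread; it assumes the kernel exposes each process's AppArmor label in /proc/PID/attr/current (or attr/apparmor/current on newer kernels) as either "unconfined" or "PROFILE (MODE)".

```python
#!/usr/bin/env python3
"""Report processes that are not confined by an enforcing AppArmor profile."""
import os
import re
import sys

# Assumed label format: "unconfined" or "<profile> (<mode>)", e.g. "/usr/sbin/cupsd (enforce)".
LABEL_RE = re.compile(r"^(?P<profile>.+) \((?P<mode>[a-z]+)\)$")


def parse_label(raw):
    """Return (profile, mode); mode is None when the label carries no mode."""
    label = raw.strip("\x00\n ")
    if label == "unconfined":
        return ("unconfined", None)
    m = LABEL_RE.match(label)
    return (m["profile"], m["mode"]) if m else (label, None)


def read_label(proc_root, pid):
    """Read a process label, trying the AppArmor-specific path first."""
    for rel in ("attr/apparmor/current", "attr/current"):
        try:
            with open(os.path.join(proc_root, pid, rel)) as fh:
                return parse_label(fh.read())
        except OSError:
            continue  # process exited, file missing, or LSM not active
    return None


def audit(proc_root="/proc"):
    """Return {pid: (comm, profile, mode)} for every process whose mode is not 'enforce'."""
    findings = {}
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        label = read_label(proc_root, pid)
        if label is None or label[1] == "enforce":
            continue
        try:
            with open(os.path.join(proc_root, pid, "comm")) as fh:
                comm = fh.read().strip()
        except OSError:
            comm = "?"
        findings[int(pid)] = (comm, *label)
    return findings


if __name__ == "__main__":
    results = audit(sys.argv[1] if len(sys.argv) > 1 else "/proc")
    for pid, (comm, profile, mode) in sorted(results.items()):
        print(f"{pid:>7}  {comm:<16} {profile} ({mode or 'no mode'})")
    sys.exit(1 if results else 0)  # non-zero exit when anything is reported
```

Processes in complain mode are reported along with unconfined ones, since complain mode logs violations without blocking them.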
