Wednesday, September 5, 2012

AppArmor profile weaknesses in Ubuntu


Dan Rosenberg has blogged about some AppArmor profile weaknesses in Ubuntu:
http://blog.azimuthsecurity.com/2012/09/poking-holes-in-apparmor-profiles.html
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1045986

AppArmor is an effective and easy-to-use Linux application security system. AppArmor proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good behavior and preventing even unknown application flaws from being exploited.
http://wiki.apparmor.net/index.php/Main_Page


grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. It allows the system administrator to, among other things, define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.

grsecurity provides protection against zero-day and other advanced threats that buys administrators valuable time while vulnerability fixes make their way out to distributions and production testing.








No comments:

Post a Comment