Yesterday I posted some custom Firefox AppArmor profiles for Ubuntu 12.04. Today I will show you how to get the most protection for Google Chrome on Ubuntu 12.04.
Saturday, September 29, 2012
Thursday, September 27, 2012
In my last post I described what a MAC is and why you should take advantage of the LSM included in the Linux kernel. Today I want to share an AppArmor profile for a few popular applications in Ubuntu 12.04 which should increase the security of those applications rather dramatically.
Tuesday, September 25, 2012
The traditional Linux security model is derived from Unix. This model is known as Discretionary Access Control (DAC). In this model file access is specified by the owner (or group) permissions of the file. This is the traditional UGO (user-group-other) model most of us are familiar with on Unix like systems. Essentially, this means "Bob" is free to modify any files he owns. If he doesn't own the file, then someone else (a different user or the system admin) determines what access (if any) he has by setting the r-w-x bit. If the file is owned by Bob, he can change the r-w-x bits as he sees fit. And of course, the root user (superuser) can change the ownership of any file as well as set the rwx bits as he/she sees fit.