Table of Contents
Advertisement
5 Exit the AppArmor Control Panel with Done.
49.3 Getting Started with Profiling
Prepare a successful deployment of Novell AppArmor on your system by carefully
considering the following items:
1 Determine the applications to profile. Read more on this in
2 Build the needed profiles as roughly outlined in
3 Keep track of what is happening on your system by running AppArmor reports
4 Update your profiles whenever your environment changes or you need to react
49.3.1 Choosing the Applications to Profile
You only need to protect the programs that are exposed to attacks in your particular
setup, so only use profiles for those applications you really run. Use the following list
to determine the most likely candidates:
Network Agents
Programs (servers and clients) have open network ports and network agents are
server programs that respond to those network ports. User clients, such as mail
clients and Web browsers, also have open network ports and mediate privilege.
Any attack on a user's Web browser or e-mail client allows the attacker to steal
private data from the user. In addition to that, the attacker might use the access
gained through that attack as leverage to get more privileges on the system.
882
Installation and Administration
Applications
"Choosing the Applications to Profile"
Modifying Profiles"
(page 883). Check the results and adjust the profiles when
necessary.
and dealing with security events. Refer to
AppArmor Event Notification and Reports"
to security events logged by AppArmor's reporting tool. Refer to
"Updating Your Profiles"
(page 882).
Section 49.3.3, "Configuring Novell
(page 886).
(page 887).
Section 49.3.1,
Section 49.3.2, "Building and
Section 49.3.4,
Advertisement
Table of Contents
Troubleshooting
