Getting Started With Profiling Applications; Choosing The Applications To Profile - Novell LINUX ENTERPRISE SERVER 10 - INSTALLATION AND ADMINISTRATION 08-05-2008 Installation Manual

48.3 Getting Started with Profiling
Prepare a successful deployment of Novell AppArmor on your system by carefully
considering the following items:
1 Determine the applications to profile. Read more on this in
2 Build the needed profiles as roughly outlined in
3 Keep track of what is happening on your system by running AppArmor reports
4 Update your profiles whenever your environment changes or you need to react

48.3.1 Choosing the Applications to Profile

You only need to protect the programs that are exposed to attacks in your particular
setup, so only use profiles for those applications you really run. Use the following list
to determine the most likely candidates:
Network Agents
Programs (servers and clients) that have open network ports. User clients, such as
mail clients and Web browsers, mediate privilege. These programs run with the
privilege to write to the user's home directory and they process input from poten-
tially hostile remote sources, such as hostile Web sites and e-mailed malicious
code.
Web Applications
Programs that can be invoked through a Web browser, including CGI Perl scripts,
PHP pages, and more complex Web applications.
874 Installation and Administration
Applications
"Choosing the Applications to Profile"
Modifying Profiles" (page 875). Check the results and adjust the profiles when
necessary.
and dealing with security events. Refer to
AppArmor Event Notification and Reports"
to security events logged by AppArmor's reporting tool. Refer to
"Updating Your Profiles"
(page 874).
Section 48.3.3, "Configuring Novell
(page 878).
(page 879).
Section 48.3.1,
Section 48.3.2, "Building and
Section 48.3.4,