Getting Started With Profiling Applications; Choosing The Applications To Profile - Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION Installation Manual

48.3 Getting Started with Profiling
Prepare a successful deployment of Novell AppArmor on your system by carefully
considering the following items:
1 Determine the applications to profile. Read more on this in Section 48.3.1,
2 Build the needed profiles as roughly outlined in Section 48.3.2, "Building and
3 Keep track of what is happening on your system by running AppArmor reports
4 Update your profiles whenever your environment changes or you need to react

48.3.1 Choosing the Applications to Profile

You only need to protect the programs that are exposed to attacks in your particular
setup, so only use profiles for those applications you really run. Use the following list
to determine the most likely candidates:
Network Agents
Programs (servers and clients) that have open network ports. User clients, such as
mail clients and Web browsers, mediate privilege. These programs run with the
privilege to write to the user's home directory and they process input from poten-
tially hostile remote sources, such as hostile Web sites and e-mailed malicious
code.
Web Applications
Programs that can be invoked through a Web browser, including CGI Perl scripts,
PHP pages, and more complex Web applications.
878 Installation and Administration
Applications
"Choosing the Applications to Profile" (page 878).
Modifying Profiles" (page 879). Check the results and adjust the profiles when
necessary.
and dealing with security events. Refer to Section 48.3.3, "Configuring Novell
AppArmor Event Notification and Reports" (page 882).
to security events logged by AppArmor's reporting tool. Refer to Section 48.3.4,
"Updating Your Profiles" (page 883).