Novell APPARMOR Admin Manual page 68

User's Guide
Unconfined
Examines open network ports on your system, compares that to the set of profiles loaded on your system, and reports network services that do not have Novell AppArmor profiles. unconfined requires root privilege, and that it not be confined by a Novell AppArmor profile. unconfined must be run as root to retrieve the process executable link from the proc filesystem. This program is susceptible to the following race conditions:
• an unlinked executable will be mishandled
• an executable started before a Novell AppArmor profile is loaded will not appear in the output, despite running without confinement
• a process that dies between the netstat(8) and further checks will be mishandled.
Note:
This program only lists processes using TCP and UDP. In short, this program is unsuitable for forensics use and is provided only as an aid to profiling all network-accessible processes in the lab.
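The check that unconfined performs can be reproduced in a few lines. The following Python script is an added example, not Novell's tool: it parses /proc/net/tcp for LISTEN sockets, maps each socket inode to a PID through /proc/<pid>/fd, and reads /proc/<pid>/attr/current to see whether that process has a profile attached. It assumes the Linux /proc layout and an AppArmor kernel that reports "unconfined" in attr/current; it covers TCP only, and the /proc readers are passed in as parameters so the logic can be exercised on constructed data.

```python
import os

LISTEN = "0A"  # TCP state code for LISTEN in /proc/net/tcp

def _read_file(path):
    with open(path) as fh:
        return fh.read()

def listening_inodes(proc_net_tcp):
    """Map socket inode -> local port for each LISTEN row of /proc/net/tcp
    (columns: sl local_address rem_address st ... uid timeout inode)."""
    result = {}
    for line in proc_net_tcp.splitlines()[1:]:          # skip header row
        f = line.split()
        if len(f) >= 10 and f[3] == LISTEN:
            result[int(f[9])] = int(f[1].split(":")[1], 16)
    return result

def socket_owner(inode, listdir=os.listdir, readlink=os.readlink):
    """Return a PID whose fd table holds socket:[inode], or None (needs root)."""
    target = "socket:[%d]" % inode
    for pid in listdir("/proc"):
        if not pid.isdigit():
            continue
        try:
            fds = listdir("/proc/%s/fd" % pid)
            if any(readlink("/proc/%s/fd/%s" % (pid, fd)) == target for fd in fds):
                return int(pid)
        except OSError:     # process exited mid-scan, or not readable: skip it
            continue
    return None

def unconfined_listeners(proc_net_tcp, listdir=os.listdir,
                         readlink=os.readlink, read_text=_read_file):
    """Return sorted [(port, pid, exe)] for listening TCP sockets whose owner
    reports 'unconfined' in attr/current; unlinked exes keep ' (deleted)'."""
    found = []
    for inode, port in listening_inodes(proc_net_tcp).items():
        pid = socket_owner(inode, listdir, readlink)
        if pid is None:
            continue                      # no visible owner: report nothing
        try:
            label = read_text("/proc/%d/attr/current" % pid).strip()
            exe = readlink("/proc/%d/exe" % pid)
        except OSError:
            continue                      # died between the two checks
        if label == "unconfined":
            found.append((port, pid, exe))
    return sorted(found)
```

Run as root, `unconfined_listeners(_read_file("/proc/net/tcp"))` gives the live list; a process started before its profile was loaded still shows as unconfined here, which is the second caveat the manual lists.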
For more information on the science and security of Novell AppArmor, refer to the following papers:
• "SubDomain: Parsimonious Server Security". Crispin Cowan, Steve Beattie, Greg Kroah-Hartman, Calton Pu, Perry Wagle, and Virgil Gligor. Describes the initial design and implementation of SubDomain. Published in the proceedings of the USENIX LISA Conference, December 2000, New Orleans, LA.
Note:
The above paper is now out of date, describing syntax and features that are different from the present SubDomain/Novell AppArmor. This paper should be used only for scientific background, and not for technical documentation.
• "Defcon Capture the Flag: Defending Vulnerable Code from Intense Attack". Crispin Cowan, Seth Arnold, Steve Beattie, Chris Wright, and John Viega. A good guide on strategic and tactical use of Novell AppArmor to solve severe security problems in a very short period of time. Published in the Proceedings of the DARPA Information Survivability Conference and Expo (DISCEX III), April 2003, Washington DC.