Table of Contents
Advertisement
43.3 Getting Started with Profiling
Prepare a successful deployment of Novell AppArmor on your system by carefully
considering the following items:
1 Determine the applications to profile. Read more on this in
2 Build the needed profiles as roughly outlined in
3 Keep track of what is happening on your system by running AppArmor reports
4 Update your profiles whenever your environment changes or you need to react
43.3.1 Choosing the Applications to Profile
You only need to protect the programs that are exposed to attacks in your particular
setup, so only use profiles for those applications you really run. Use the following list
to determine the most likely candidates:
Network Agents
Programs (servers and clients) that have open network ports. User clients, such as
mail clients and Web browsers, mediate privilege. These programs run with the
privilege to write to the user's home directory and they process input from poten-
tially hostile remote sources, such as hostile Web sites and e-mailed malicious
code.
Web Applications
Programs that can be invoked through a Web browser, including CGI Perl scripts,
PHP pages, and more complex Web applications.
766
Deployment Guide
Applications
"Choosing the Applications to Profile"
Modifying Profiles"
(page 767). Check the results and adjust the profiles when
necessary.
and dealing with security events. Refer to
AppArmor Event Notification and Reports"
to security events logged by AppArmor's reporting tool. Refer to
"Updating Your Profiles"
(page 766).
Section 43.3.3, "Configuring Novell
(page 770).
(page 771).
Section 43.3.1,
Section 43.3.2, "Building and
Section 43.3.4,
Advertisement
Table of Contents
Troubleshooting
