1 Profile Components And Syntax - Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009 Manual
Hide thumbs
Also See for LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009:
- Administration manual (338 pages) ,
- Deployment manual (246 pages) ,
- Application manual (364 pages)
Table of Contents
Advertisement
Profile Components and
Syntax
Building AppArmor profiles to confine an application is very straightforward and intu-
itive. AppArmor ships with several tools that assist in profile creation. It does not require
you to do any programming or script handling. The only task that is required from the
administrator is to determine a policy of strictest access and execute permissions for
each application that needs to be hardened.
Updates or modifications to the application profiles are only required if the software
configuration or the desired range of activities changes. AppArmor offers intuitive tools
to handle profile updates or modifications.
You are ready to build Novell AppArmor profiles after you select the programs to
profile. To do so, it is important to understand the components and syntax of profiles.
AppArmor profiles contain several building blocks that help build simple and reusable
profile code:
#include Files
#include statements are used to pull in parts of other AppArmor profiles to
simplify the structure of new profiles.
Abstractions
Abstractions are #include statements grouped by common application tasks.
Program Chunks
Program chunks are #include statements that contain chunks of profiles that are
specific to program suites.
Profile Components and Syntax
21
197
Advertisement
Table of Contents
