search

AvANa-BBS / freepto-lb

Encrypted GNU/Linux OS (based on Debian Wheezy) which can be installed on USB flash drive. Freepto is designed for encrypt your communications, carry your documents in secure way and save your anonymity.
http://www.freepto.mx/
43 stars 14 forks source link

Add Apparmor #101

Open ghost opened 10 years ago

ghost commented 10 years ago

https://wiki.debian.org/AppArmor/HowTo

ghost commented 10 years ago

from tails blog: A critical problem with stacked filesystems, such as aufs, must be fixed at upstream level before we can use AppArmor in Tails. It should be fixed in AppArmor 3.0, which is scheduled for 2013 Q3.

It can be workaround'd if https://bugs.launchpad.net/apparmor/+bug/888077 is fixed (a month or two of dev time, we're told), or by adding "Kernel based alias support" (being discussed privately, stay tuned).

https://bugs.launchpad.net/ubuntu/+source/casper/+bug/131976

boyska commented 10 years ago

I propose to defer this to the next version (the one after 0.2)

ghost commented 10 years ago

I agree. Removed

intrigeri commented 9 years ago

FYI the limitations quoted above are not that hard to workaround: https://tails.boum.org/contribute/design/application_isolation/. See also Tails bugfix/8007-AppArmor-hardening branch for more recent (still not ready nor merged) progress on this front -- especially the design doc should help understand what's going on.