bisq-network / bisq

A decentralized bitcoin exchange network
https://bisq.network
GNU Affero General Public License v3.0

Provide AppArmor profile #4288

Open komachi opened 4 years ago

komachi commented 4 years ago

I drafted an AppArmor profile for Bisq https://github.com/komachi/apparmor-even-more-profiles/blob/master/profiles/opt.Bisq.Bisq

It works for me on Debian stable. I propose shipping an AppArmor profile (you can take mine) as part of the deb and rpm packages. This greatly reduces the effect of possible vulnerabilities at nearly no cost other than maintaining this profile. Only users with AppArmor enabled will benefit from this, but that's a lot, given that Ubuntu, Debian and others have it enabled by default.

boring-cyborg[bot] commented 4 years ago

Thanks for opening your first issue here!

Be sure to follow the issue template. Your issue will be reviewed by a maintainer and labeled for further action.

Talkless commented 4 years ago

Hi @komachi, I too use my own Bisq profile on Debian Sid: https://gist.github.com/Talkless/261218250f45f125f8ac541e714ffcce

Not sure, though, where it should be versioned. I've got the qTox [0] profile incorporated into the project itself, but it's rather hard to get reviews, as there are not many who know AppArmor, apparently.

An alternative is the apparmor-profiles [1] repository, where we could get AppArmor developers into reviews, but that repository versions profiles based on Ubuntu (like 19.10, 20.04) versions... There's some refactoring planned for that repo, but not sure when it will be done. Also, storing the profile separately from Bisq sources could make packaging more complicated..? Though the Thunderbird Debian package just regularly fetches the AppArmor profile from apparmor-profiles and ships it in Debian [2].

[0] https://github.com/qTox/qTox/tree/master/security/apparmor
[1] https://gitlab.com/apparmor/apparmor-profiles
[2] https://salsa.debian.org/mozilla-team/thunderbird/-/tree/debian/sid/debian/apparmor

komachi commented 4 years ago

AppArmor profiles are better provided by upstream.

apparmor-profiles is meant to fill the gap until every package gets an upstream profile/until a profile is mature enough to be included at least in the distribution package. Also, Bisq is not packaged by Ubuntu nor by Debian, so it would be strange to maintain the profile in apparmor-profiles.

Talkless commented 4 years ago

@komachi Not all profiles in the apparmor-profiles repository go into the apparmor-profiles package (in Debian). As in the example I gave, the Thunderbird maintainer ships the profile from the apparmor-profiles upstream repository inside the thunderbird package. He syncs the file from time to time into the debian dir before releasing a new Thunderbird package.

Though I agree that it's kinda inconvenient that Bisq developers would have to fetch the profile from another repo, though relying on Bisq developers/contributors to review AppArmor profiles might be naive/optimistic too... Though we can try, of course.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Talkless commented 4 years ago

Ping. Still relevant, just need to find time to actually introduce an AppArmor profile.

drzraf commented 2 months ago

How many would run a 300+ MB binary not providing an AppArmor profile? It should be part of the .deb, it's as simple as that.