AppArmorProfiles
2382
Comment: add upcoming AppArmor profiles for Karmic
|
2611
update comment on firefox, and add more detail for libvirt
|
Deletions are marked like this. | Additions are marked like this. |
Line 10: | Line 10: |
|| '''Source package/binary''' || '''7.10''' || '''8.04 LTS''' || '''8.10''' || '''9.04''' || '''9.10''' || || Cups (cupsd) || yes || yes || yes || yes || yes || || OpenLDAP (slapd) || -- || yes || yes || yes || yes || || MySQL (mysqld) || -- || yes || yes || yes || yes || || Bind (named) || -- || yes || yes || yes || yes || || ClamAV (clamd,freshclam) || -- || -- || yes || yes || yes || || gdm-guest-session || -- || -- || yes || yes || yes || || tcpdump || -- || -- || -- || yes || yes || || ISC Dhcpd (dhcpd3) || -- || -- || -- || yes || yes || || ISC Dhcp client (dhclient3) || -- || -- || -- || yes || yes || || Evince || -- || -- || -- || -- || pending || || NTP (ntpd)^1^ || -- || -- || -- || -- || pending || || Firefox (firefox-3.5) || -- || -- || -- || -- || pending^2^ || || Libvirt || -- || -- || -- || -- || pending || |
|| '''Source package/binary''' || '''7.10''' || '''8.04 LTS''' || '''8.10''' || '''9.04''' || '''9.10''' || || Cups (cupsd) || yes || yes || yes || yes || yes || || OpenLDAP (slapd) || -- || yes || yes || yes || yes || || MySQL (mysqld) || -- || yes || yes || yes || yes || || Bind (named) || -- || yes || yes || yes || yes || || ClamAV (clamd,freshclam) || -- || -- || yes || yes || yes || || gdm-guest-session || -- || -- || yes || yes || yes || || tcpdump || -- || -- || -- || yes || yes || || ISC Dhcpd (dhcpd3) || -- || -- || -- || yes || yes || || ISC Dhcp client (dhclient3) || -- || -- || -- || yes || yes || || Evince || -- || -- || -- || -- || pending || || NTP (ntpd)^1^ || -- || -- || -- || -- || pending || || Firefox (firefox-3.5) || -- || -- || -- || -- || pending^2^ || || Libvirt (libvirtd and kvm/qemu guests) || -- || -- || -- || -- || pending || |
Line 26: | Line 26: |
0. Will be disabled by default | 0. Will be disabled by default and be opt-in for advanced users |
AppArmor Profiles
AppArmor is installed and loaded by default starting with Ubuntu 7.10 (Gutsy). Some packages will install their own enforcing profiles, while additional profiles can be found in the package apparmor-profiles from the Universe repository.
Supported Profiles in Main
Source package/binary |
7.10 |
8.04 LTS |
8.10 |
9.04 |
9.10 |
Cups (cupsd) |
yes |
yes |
yes |
yes |
yes |
OpenLDAP (slapd) |
-- |
yes |
yes |
yes |
yes |
MySQL (mysqld) |
-- |
yes |
yes |
yes |
yes |
Bind (named) |
-- |
yes |
yes |
yes |
yes |
ClamAV (clamd,freshclam) |
-- |
-- |
yes |
yes |
yes |
gdm-guest-session |
-- |
-- |
yes |
yes |
yes |
tcpdump |
-- |
-- |
-- |
yes |
yes |
ISC Dhcpd (dhcpd3) |
-- |
-- |
-- |
yes |
yes |
ISC Dhcp client (dhclient3) |
-- |
-- |
-- |
yes |
yes |
Evince |
-- |
-- |
-- |
-- |
pending |
NTP (ntpd)1 |
-- |
-- |
-- |
-- |
pending |
Firefox (firefox-3.5) |
-- |
-- |
-- |
-- |
pending2 |
Libvirt (libvirtd and kvm/qemu guests) |
-- |
-- |
-- |
-- |
pending |
A complain-mode only profile was provided in the apparmor-profiles package in Ubuntu 9.04 and earlier
- Will be disabled by default and be opt-in for advanced users
Filing Bugs
When filing bugs against an installed apparmor profile, please see: https://wiki.ubuntu.com/DebuggingApparmor
SecurityTeam/KnowledgeBase/AppArmorProfiles (last edited 2020-10-26 01:49:03 by alexmurray)