AppArmor

Novell AppArmor Administration Guide

Legal Notice

Contents

About This Guide
1. Rückmeldungen
2. Konventionen in der Dokumentation
3. Informationen über die Herstellung dieses Handbuchs
4. Quellcode
5. Danksagung
1. Immunizing Programs
1.1. Introducing the AppArmor Framework
1.2. Determining Programs to Immunize
1.3. Immunizing cron Jobs
1.4. Immunizing Network Applications
2. Profile Components and Syntax
2.1. Breaking a Novell AppArmor Profile into Its Parts
2.2. Profile Types
2.3. #include Statements
2.4. Capability Entries (POSIX.1e)
2.5. Network Access Control
2.6. Paths and Globbing
2.7. File Permission Access Modes
2.8. Execute Modes
2.9. Resource Limit Control
2.10. Auditing Rules
3. AppArmor Profile Repositories
3.1. Using the Local Repository
3.2. Using the External Repository
4. Building and Managing Profiles with YaST
4.1. Adding a Profile Using the Wizard
4.2. Manually Adding a Profile
4.3. Editing Profiles
4.4. Deleting a Profile
4.5. Updating Profiles from Log Entries
4.6. Managing Novell AppArmor and Security Event Status
5. Building Profiles from the Command Line
5.1. Checking the AppArmor Module Status
5.2. Building AppArmor Profiles
5.3. Adding or Creating an AppArmor Profile
5.4. Editing an AppArmor Profile
5.5. Deleting an AppArmor Profile
5.6. Two Methods of Profiling
5.7. Important Filenames and Directories
6. Profiling Your Web Applications Using ChangeHat
6.1. Apache ChangeHat
6.2. Configuring Apache for mod_apparmor
7. Managing Profiled Applications
7.1. Monitoring Your Secured Applications
7.2. Configuring Security Event Notification
7.3. Configuring Reports
7.4. Configuring and Using the AppArmor Desktop Monitor Applet
7.5. Reacting to Security Event Rejections
7.6. Maintaining Your Security Profiles
8. Support
8.1. Updating Novell AppArmor Online
8.2. Using the Man Pages
8.3. For More Information
8.4. Troubleshooting
8.5. Reporting Bugs for AppArmor
9. Background Information on AppArmor Profiling
A. GNU-Lizenzen
A.1. GNU General Public License
A.2. GNU Free Documentation License
Glossary

List of Figures

4.1. YaST Controls for AppArmor
4.2. Learning Mode Exception: Controlling Access to Specific Resources
4.3. Learning Mode Exception: Defining Execute Permissions for an Entry

List of Tables

8.1. Man Pages: Sections and Categories

List of Examples

5.1. Learning Mode Exception: Controlling Access to Specific Resources
5.2. Learning Mode Exception: Defining Execute Permissions for an Entry
6.1. Example phpsysinfo Hat