From the course: Learning Debian Linux
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Securing programs with AppArmor - Linux Tutorial
From the course: Learning Debian Linux
Securing programs with AppArmor
- [Instructor] AppArmor is a path-based mandatory access control mechanism or MAC, and is enabled by default on new installations of Debian. AppArmor provides a way to control what resources are available to certain programs. Normally, AppArmor will run in the background and not interfere with what you're doing. Programs on the system have AppArmor profiles that define what resources they're supposed to have access to, and while it's rare, we can edit these if something goes wrong. These profiles operate in two ways called enforce and complain. A profile in enforce mode will be enforced. That is to say, if a program is denied access to a resource, it won't be allowed to access the resource and an error will be logged. A profile on complain mode will allow a program to access a resource that it's not granted access to, but will write an entry in the audit log about what activity happened that was intended to be prevented by…
Contents
-
-
-
-
(Locked)
Managing users and access5m 41s
-
(Locked)
Monitoring and controlling processes4m 36s
-
(Locked)
Managing services1m 58s
-
(Locked)
Managing software with APT6m 38s
-
(Locked)
Securing programs with AppArmor4m 2s
-
(Locked)
Configuring networking with NetworkManager4m 57s
-
(Locked)
Managing the firewall with nftables5m 28s
-
(Locked)
Exploring logs2m 53s
-
(Locked)
Upgrading to a new release4m 12s
-
(Locked)
-
-