Skip to content

Roadmap

Toward a stable release

This is the current list of features that must be implemented to get to a stable release

  • Play machine

  • Sub packages

    • Move most profiles into groups
    • Provide complain/enforced packages version
    • normal/FSP/server packages variants

  • Build system

    • Continuous release on the main branch, ~2 releases per week
    • Provide packages repo for ubuntu/debian
    • Add a just target to install the profiles in the right place
    • Fully drop the Makefile in favor of just

  • Tests

  • Documentation

    • Initial draft of the security model and goal
    • General documentation improvements

  • General improvements

  • Abstractions

  • Document all abstractions
  • Split and reorganize some big abs into set of smaller abstractions. Strictly follow the new abstractions guidelines (layer 0, layer 1, etc.)
  • Abstraction based profiles: Most of the accesses needed by GUI based application are commons. As such 80-90% of the profile content should be handled by abstractions (internally they will have conditions).

  • Test new interface like abstractions - notifications - audio-bluetooth - secrets-service - media-keys - ...

    • Rewrite the desktop abstraction to only contains other abs. No direct rules in it.
    • Rewrite the DE specific abstraction to be a layer 1 abs

  • Security improvements

    • Limit the use of abstractions/common/systemd
    • Ensure systemctl restart/stop/reload is always confined and filtered by unit (dbus only)
    • Revisit the usae of systemd-tty-ask-password-agent

Next features

  • Conditions

    • Integrate the new condition feature in the profiles and restrict them a lot according to the application actually in use. Eg: Gnome | KDE, X11 | Wayland, etc.
    • Create a new aa-config tool, similar to seboolean, to manage various settings, based on conditions.

  • User Data

    • Fully rewrite the way user data is allowed / denied. The current implementation requires too much configuration to be usable by everyone.
    • Add a prompt listener to handle the user data access.

  • Full System Policy

    • Debug tool to show the profiles transition tree, and ensure no profile is missing
    • Remove the default profile

  • Define roles

    • Unrestricted shell role without FSP enabled
    • Define the roles when FSP is enabled

Done

General improvements

  • The apt/dpkg profiles has been rewritten

Abstractions

  • New audio-client and audio-server abstractions
  • New desktop agnostic desktop abstraction for all common access for any GUI app.
  • New graphics abstraction, hardware-agnostic. Fully replace and restrict the old opencl abstractions
  • All new abstractions are documented in the abstractions page

Dbus

  • New dbus-{system,session,accessibility} profiles. Works regardless of the dbus implementation in use.
  • New talk directive: Allow the application to talk to session services. (send to)
  • New own directive: Allow the application to own session services under the given name. (receive, send, bind)
  • New bus-{system,session,accessibility} abstraction to be used in the profiles

Directives