Security

There are over 50000 Linux packages and even more applications. It is simply not possible to write an AppArmor profile for all of them. Therefore, a question arises:

What to confine, how, and why?

The security model presented here helps us scope the security policies within the broader context of system security and privacy.

This section presents the security model considered for the profiles in apparmor.d. Although this security model looks at Linux security in general, we focus only on the threats, model, and implementation within the scope of AppArmor.

Warning

This security model is still a work in progress. Comments and feedback are welcome. Discuss it on GitHub.

Security Model

A computer security model is a scheme for specifying and enforcing security policies. A security model may be founded upon a formal model of access rights, a model of computation, a model of distributed computing, or no particular theoretical grounding at all.

Source: Wikipedia

References

  1. The Android Platform Security Model (2023)
  2. ClipOS - A security OS made by the ANSSI (the French NIST) and used for sensitive French government-related activities.
  3. Spectrum - A step towards usable secure computing
  4. QubesOS - A reasonably secure operating system
  5. Whonix - An anonymous operating system
  6. Kairos