Wednesday, November 11, 2009
php-syslog-ng/Logzilla on CentOS 5.3
Wednesday, March 26, 2008
Reference monitor with AppArmor
AppArmor ("Application Armor") is security software for Linux, released under the GNU General Public License. From 2005 through September 2007, AppArmor was maintained by Novell. AppArmor allows the system administrator to associate with each program a security profile which restricts the capabilities of that program. It supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC).
In addition to manually specifying profiles, AppArmor includes a learning mode, in which violations of the profile are logged, but not prevented. This log can then be turned into a profile, based on the program's typical behavior.
We created a AppArmor profile for thttpd (tinylittlewebserver :http://www.acme.com/software/thttpd/). By using this profile the thttpd only allow to websites containing extension .html.
Following are the steps we performed to create of AppArmor Profile.
1. We use Ubuntu 7.10 platform for our AppArmor Profile creation.
2. First we installed thttpd webserver on it. Then we create different html files like index.html,first.html, and place these files in /var/www which is the default folder for serving the webpages with default port which is port 80.
3. As we are using thttpd webserver and its purpose is to only allow *.html files and no other files so for this purpose we create a AppArmor Profile for thttpd server using the command aa-genprof on the terminal. Before creating AppArmor profile for any application that application must be stopso we first stop the thttpd server with command
4. Now we run the command on terminal ~:# aa-genprof thttpd
10.So we have restrict our application through AppArmor that only static pages with extension with .html will be serve from our webserver.