Securing Linux Applications With AppArmor

Presented at DEF CON 15 (2007), Aug. 5, 2007, 3 p.m. (50 minutes)

The core of the security problem is that most software contains latent bugs, and many of these bugs can be exploited by attackers to make the software do something undesirable to the victim's computer. To block this threat, one can either use only perfect software (of which there is a shortage :) or use a security system to control what software may and may not do. The problem is that such systems have historically been very difficult to use. AppArmor is an application security system that directly attacks the ease-of-use problem, making widespread adoption by developers, system administrators, and users possible. AppArmor provides security profiles (policies) that specify the files a given program may read, write, and execute, and provides tools to quickly and automatically generate these profiles. This presentation will briefly introduce the AppArmor system, and then spend much of the time showing how to best use AppArmor to confine applications and protect systems. AppArmor is pure GPL software, and is available for SUSE, Slackware, Ubuntu, Gentoo, and Red Hat Linux.
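As an added illustration (not part of the talk abstract), this is a hand-written profile of the kind the abstract describes: a per-program list of what may be read, written, and executed, with everything else denied once the profile is enforced. The program /usr/local/bin/report-gen and every path in it are assumptions.

```apparmor
# Added example, not from the talk: an AppArmor profile for a hypothetical
# program /usr/local/bin/report-gen (program name and all paths are assumed).
# Anything not listed here is denied by the kernel once the profile is enforced.
#include <tunables/global>

/usr/local/bin/report-gen {
  # Shared libraries, /proc self-access and locale data that any
  # dynamically linked program needs.
  #include <abstractions/base>

  # The program may read and memory-map its own binary.
  /usr/local/bin/report-gen mr,

  # Read-only configuration.
  /etc/report-gen.conf r,
  /etc/report-gen.d/*.conf r,

  # Read and write its own data directory (** matches across subdirectories).
  /var/lib/report-gen/ rw,
  /var/lib/report-gen/** rw,

  # Log file: write access only, no read access granted.
  /var/log/report-gen.log w,

  # Execute gzip under this same profile (ix = inherit confinement);
  # Px would instead switch to gzip's own profile with a scrubbed environment.
  /usr/bin/gzip ix,

  # Nothing else: no access to /home, /etc/shadow, or other helper programs.
}
```

The profile-generation tools the abstract refers to (aa-genprof, aa-logprof) build rules like these from observed file accesses; apparmor_parser -r loads the profile, and aa-complain switches it to log-only mode so gaps can be found before enforcing.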


Presenters:

  • Crispin Cowan - Director of Software Engineering, SUSE/Novell
    Crispin Cowan has been in the computer business for 25 years, and in security for 10 years. He was the CTO and founder of Immunix, Inc., acquired by Novell in 2005. Dr. Cowan is now the Security Architect for SUSE Linux and the applications that Novell offers for Linux. Dr. Cowan developed several host security technologies under DARPA funding, including prominent technologies like the StackGuard compiler defense against buffer overflows and the LSM (Linux Security Modules) interface in Linux 2.6. Dr. Cowan also co-invented the "time-to-patch" method of assessing when it is safe to apply a security patch. Prior to founding Immunix, he was a professor at the Oregon Graduate Institute. He is the program co-chair for the 2007 and 2008 Network and Distributed System Security conferences. He holds a Ph.D. from the University of Western Ontario and a Master of Mathematics from the University of Waterloo.
