On 20.11.2015 21:15, Seth Arnold wrote:
On Fri, Nov 20, 2015 at 05:35:29PM +0100, Simone Pierluigi Sortino S210003 wrote:
I want to ask if AppArmor provides any kind of interface to IMA or
TPM, in order to have some remote attestation or (at least)
integrity control.
If no interface is available, are there any features able to
do that?
Hello Simone; what exactly are you hoping to achieve with TPM or IMA
interfaces from AppArmor? We haven't built anything to work with or
mediate TPM or other IMA devices specifically but perhaps what you want
to do can be done with proper policy design.
Thanks
Hey, thank you for the quick answer.
My goal is to find a good way to provide the integrity of files (perhaps
using some hardware-based approach like TPM), but one that is more flexible
than IMA and its limited number of PCRs.
I know that AppArmor provides mandatory access control, and I am
checking if there is any feature related to integrity.
As you know, a MAC only manages access rights to a file (in very few
words), but if I use any hex editor, I should be able to access any
memory allocation and modify it without any access control.
So: does AppArmor have any type of protection/control against this kind of
attack?
Thank you (again) for your time.
--
AppArmor mailing list