Displaying 1 to 3 from 3 results

bane - Custom & better AppArmor profile generator for Docker containers.

  •    Go

AppArmor profile generator for docker containers. Basically a better AppArmor profile, than creating one by hand, because who would ever do that. For installation instructions from binaries please visit the Releases Page.

apparmor-profiles - My local apparmor profiles for binary or dangerous apps

  •    Shell

Apparmor profiles I use for binary or potentially dangerous apps. I consider running stuff like skype, adobe-flash, firefox or wine apps quite dangerous - even confined to specific uid they can mess up or gain unsanctioned access to a lot of stuff in $HOME, plus just read a lot of poorly-secured stuff on system (like /etc/passwd or some non-chmodded config), which I don't want them to.

karn - Seccomp/Apparmor profile generation using entitlements

  •    Go

Karn is an admin-friendly tool for creating OCI compliant seccomp and apparmor profiles. Originally proposed here as part of the Linux Container Hardening project. Baseline functionality exists. At this point all possible filters and rules that you can manually express in seccomp and apparmor profiles can be created using karn.