go-apparmor

module v0.0.9 (not the latest version of this module)
Published: Aug 13, 2022 License: MIT

README

go-apparmor

go-apparmor is an initial draft of how AppArmor profiles could be managed from Go with a reduced attack surface. It leverages libapparmor to load profiles into the kernel and to delete them again.

libapparmor currently does not parse plain-text profiles; it requires them in binary form. The apparmor_parser binary (from apparmor-utils) is used to perform that conversion, and that step runs at a lower privilege level than the load itself.

Security Context

When running inside a container, the library will automatically attempt to "privilege escalate" into the host's mount namespace just for the load/delete operations, and then revert back. However, this requires the container to share the host's PID namespace (HostPID) and to run as privileged from the outset.

Permissions required:

  • Host's PID namespace
  • Host's Mount namespace
  • run as root
  • CAP_SYS_ADMIN
  • privileged (for containers)
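A preflight check for the requirements listed above, added here as an example; it is not code from the go-apparmor project. It assumes a Linux /proc layout, the kernel's capability number for CAP_SYS_ADMIN (21, from linux/capability.h), and that PID 1 as seen by the process is the host's init, which is exactly what the HostPID requirement guarantees and which cannot be verified from inside the container. The names Preflight, evaluate and check are the example's own.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"os"
	"strconv"
	"strings"
)

// capSysAdmin is the kernel's capability number for CAP_SYS_ADMIN
// (linux/capability.h); setns() into another mount namespace needs it.
const capSysAdmin = 21

// parseCapEff extracts the effective capability mask from the text of
// /proc/<pid>/status, whose "CapEff:" line carries a hexadecimal bitmask.
func parseCapEff(status string) (uint64, error) {
	sc := bufio.NewScanner(strings.NewReader(status))
	for sc.Scan() {
		line := sc.Text()
		if !strings.HasPrefix(line, "CapEff:") {
			continue
		}
		hexMask := strings.TrimSpace(strings.TrimPrefix(line, "CapEff:"))
		return strconv.ParseUint(hexMask, 16, 64)
	}
	return 0, errors.New("CapEff line not found in status text")
}

// hasCap reports whether capability number n is set in mask.
func hasCap(mask uint64, n uint) bool {
	return mask&(1<<n) != 0
}

// Preflight records which of the README's requirements hold for this process.
type Preflight struct {
	Root        bool // effective UID is 0
	CapSysAdmin bool // CAP_SYS_ADMIN is in the effective set
	InHostMount bool // our mount namespace is the one PID 1 lives in
}

// evaluate derives a Preflight from raw inputs so it can be exercised without
// root: euid is the effective UID, capEff the effective capability mask, and
// selfMntNS/initMntNS the link targets of /proc/self/ns/mnt and /proc/1/ns/mnt.
func evaluate(euid int, capEff uint64, selfMntNS, initMntNS string) Preflight {
	return Preflight{
		Root:        euid == 0,
		CapSysAdmin: hasCap(capEff, capSysAdmin),
		InHostMount: selfMntNS == initMntNS,
	}
}

// Missing lists the hard requirements that are not satisfied. InHostMount is
// informational only: when false, a load/delete must first setns() into
// /proc/1/ns/mnt, which is the "privilege escalate" step the README describes.
func (p Preflight) Missing() []string {
	var m []string
	if !p.Root {
		m = append(m, "root")
	}
	if !p.CapSysAdmin {
		m = append(m, "CAP_SYS_ADMIN")
	}
	return m
}

// check gathers the live values from /proc and the process credentials.
func check() (Preflight, error) {
	status, err := os.ReadFile("/proc/self/status")
	if err != nil {
		return Preflight{}, err
	}
	capEff, err := parseCapEff(string(status))
	if err != nil {
		return Preflight{}, err
	}
	selfMnt, err := os.Readlink("/proc/self/ns/mnt")
	if err != nil {
		return Preflight{}, err
	}
	initMnt, err := os.Readlink("/proc/1/ns/mnt")
	if err != nil {
		return Preflight{}, err
	}
	return evaluate(os.Geteuid(), capEff, selfMnt, initMnt), nil
}

func main() {
	p, err := check()
	if err != nil {
		fmt.Fprintln(os.Stderr, "preflight failed:", err)
		os.Exit(1)
	}
	fmt.Printf("root=%v cap_sys_admin=%v in_host_mount_ns=%v missing=%v\n",
		p.Root, p.CapSysAdmin, p.InHostMount, p.Missing())
}
```

The mask 0x00000000a80425fb used in the test below is the default capability set a non-privileged container typically runs with; it lacks bit 21, so a loader running under it would fail at setns() before reaching libapparmor, which is the failure this check surfaces up front.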

Next steps

  • [ ] Implement Enforceable() and a func to check whether a profile is already loaded.
  • [ ] Split hostop package from this repo.
  • [ ] Refactor apparmor package.
  • [ ] Add some tests.

Directories

Path: pkg/hostop
Synopsis: Package hostop contains an interface to represent the execution of atomic host operations at a higher privilege.

Path: tests/e2e
Synopsis: module
