Debian 10 (Buster) ships with AppArmor enabled by default. AppArmor is a Mandatory Access Control framework. When enabled, AppArmor confines programs according to a set of rules that specify what files a given program can access. This proactive approach helps protect the system against both known and unknown vulnerabilities.
As any security measure that can block operations that would otherwise be allowed, this change has potential to occasionally break stuff and cause headaches.
During this workshop, we will share skills about:
- using Debian with AppArmor
- identifying issues caused by incomplete AppArmor policy and reporting them
- improving existing AppArmor policy
- shipping AppArmor policy in Debian packages