Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add defense-in-depth: seccomp & apparmor #182

Closed
deeplow opened this issue Aug 15, 2022 · 3 comments
Closed

Add defense-in-depth: seccomp & apparmor #182

deeplow opened this issue Aug 15, 2022 · 3 comments
Labels
container security
Milestone
0.4.0

Comments

@deeplow
Copy link
Contributor

deeplow commented Aug 15, 2022
edited
Loading

Consider adding defense-in-depth mechanisms limiting the scope of what a compromised dangerzone & associated programs can do on the system.

Strategies to consider:

  • apparmor
  • seccomp

Related:
@deeplow
Copy link
Contributor Author

deeplow commented Aug 16, 2022

This should be added only after setting up a set of automated tests both to help generate the profiles and to guarantee we caught most regular usage.

@deeplow deeplow mentioned this issue Aug 16, 2022
Closed
@deeplow deeplow mentioned this issue Aug 17, 2022
Closed
@eloquence eloquence added this to the 0.4.0 milestone Sep 15, 2022
@eloquence
Copy link
Member

Tentatively added to 0.4.0 milestone, but we'll need to decide initial scope (e.g., AppArmor only?).

@apyrgio apyrgio mentioned this issue Oct 17, 2022
Open
8 tasks
@apyrgio
Copy link
Contributor

apyrgio commented Oct 17, 2022

Closing this issue in favor of #225 (seccomp) and #227 (AppArmor), which are part of the larger #221 (defense in depth) issue.

@apyrgio apyrgio closed this as completed Oct 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
container security
Projects
None yet
Milestone
0.4.0
Development

No branches or pull requests
3 participants
@eloquence @apyrgio @deeplow