
List:       apparmor-dev
Subject:    Re: [apparmor] [Question] any interface to IMA or TPM
From:       Simone Pierluigi Sortino S210003 <s162052 () studenti ! polito ! it>
Date:       2015-11-21 11:51:31
Message-ID: c9df8d10cde1104f709ccf626f34d9a0 () studenti ! polito ! it

On 20.11.2015 21:15, Seth Arnold wrote:
> On Fri, Nov 20, 2015 at 05:35:29PM +0100, Simone Pierluigi Sortino
> S210003 wrote:
>> I want to ask if AppArmor provides any kind of interface to IMA or
>> TPM, in order to have some remote attestation or (at least)
>> integrity control.
>> 
>> If no interface is available, are there any features able to
>> do that?
> 
> Hello Simone; what exactly are you hoping to achieve with TPM or IMA
> interfaces from AppArmor? We haven't built anything to work with or
> mediate TPM or other IMA devices specifically but perhaps what you want to
> do can be done with proper policy design.
> 
> Thanks


Hey, thank you for the quick answer.
My goal is to find a good way to provide the integrity of files (perhaps 
using some hardware-based approach like TPM), but one that is more flexible 
than IMA and its limited number of PCRs.

I know that AppArmor provides mandatory access control, and I am 
checking if there is any feature related to integrity.
As you know, a MAC only manages rights of access to a file (in very few 
words), but if I use any hex editor, I should be able to access any 
memory allocation and modify it without any access control.

Then: does AppArmor have any type of protection/control against this kind of 
attack?

Thank you (again) for your time

