Linux Security Summit 2013/Abstracts/Johansen2

From Linux Kernel Security Subsystem
Jump to: navigation, search

Title

The AppArmor Labeling Model

Presenter

John Johansen, Canonical

Abstract

This presentation would cover in greater detail the AppArmor labeling extension. Specifics of how ApppArmor's labeling model works, and design decisions that where made around the model and implementation.

This will include a discussion of the interaction of object labeling with access path based rules. The relationship between AppArmor's labeling and types, how types can be derived from AppArmor policy, and why labeling is not always a type.

Some performance analysis and comparisons with older versions of AppArmor will can be covered if time permits.

Personal tools
Namespaces

Variants
Actions
Navigation
Tools