SUSE Conversations


Using AppArmor to Create Confined Root Shells



By: coolguys

December 13, 2006 12:00 am

Reads:100

Comments:0

Rating:0

Novell Support TID: Using AppArmor to Create Confined Root Shells

AppArmor can be used to create “roles” (in the Role Based Access Control sense) that operate as restricted shells in Linux. This even works on root shells. For instance, suppose you have some junior system administrators in your enterprise, and their job is to do system log analysis looking for problems. They need root access to do this, but you don’t feel comfortable trusting them; they might be evil, or they might just make mistakes. So you want to allow them to only have part of root’s privilege to access the system log, but not the power to mess with the database, reboot the machine, etc.

To do this, you create a role using AppArmor with the following steps:

  1. Creating a “special” shell for this role, e.g. call it logbash for the role of syslog analyst.
  2. Create an AppArmor profile for logbash that restricts anyone running logbash to only do the necessary operations.
  3. Make logbash be the default login shell for people who will be operating in this role.
  4. Change the UID of these people to 0 so that they have root’s privilege, but use their own password and are restricted to run logbash, so you don’t have to share root’s password.

Read the complete TID here

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Categories: Uncategorized

Disclaimer: As with everything else at SUSE Conversations, this content is definitely not supported by SUSE (so don't even think of calling Support if you try something and it blows up).  It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.

Comment

RSS