Quoting Wikipedia:

AppArmor ("Application") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. AppArmor supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC). It was included in the mainline Linux kernel since version 2.6.36 and its development has been supported by Canonical since 2009.

It is a great tool to harden security for any of your applications on Linux, including Invisible Internet router.

Now we have added i2pd profile for AppArmor which you can just throw into your profiles directory and it will just work.

Instruction

First, make sure you have AppArmor installed and working. Run the following:

sudo apparmor_status

If you have AppArmor, it should output apparmor module is loaded. and list available rules.

If not, follow instructions for how to setup AppArmor: Ubuntu (should be installed by default), Debian, Arch Linux, Gentoo.

After you have installed and enabled AppArmor, download and copy profile into your profiles directory. In Debian/Ubuntu:

wget -O usr.sbin.i2pd https://raw.githubusercontent.com/PurpleI2P/i2pd/openssl/contrib/apparmor/usr.sbin.i2pd && sudo cp usr.sbin.i2pd /etc/apparmor.d/

Finally, enable it:

sudo aa-enforce /usr/sbin/i2pd

Now, every behavior which is not allowed by the profile will be restricted and such event will be logged to syslog. You may want to periodically inspect logged events with the following command:

sudo aa-logprof

Generally, it should not show anything (which is good).

Notes

Our profile is designed for Debian/Ubuntu i2pd packages and was tested with basic i2pd behavior. You may want to customize it according to your specific situation.

Contributions are welcome at GitHub.

AppArmor resources: AppArmor Wiki, Ubuntu Wiki about AppArmor.


Posted at by Darknet Villain     Tags: i2p, i2pd, Ubuntu, Debian, AppArmor, Security, Hardening