Morioh
Login
Roosevelt Hettinger

Roosevelt Hettinger

3 years ago

So you have your Docker Containers deployed, which in turn are hosting critical applications of your organization? Great! So far, so good!

For the interest of the organization, it remains extremely crucial to keep not only the Containers but also the hosted applications protected from security threats. By default, a deployed Docker originally remains secured through an auto-generated profile docker-default for its containers.

This profile, however, provides moderate security on the application level, and thus it remains highly recommended to implement a security profile through AppArmor which works at the process/program level of an application.

What is AppArmor?

AppArmor (Application Armor) is a Linux Security Module that allows implementing security on a program/process level. Specifically developed security profiles through AppArmor can allow capabilities like folder access, network access, and permission(or not) to read, write, or execute files.

One of the beauties of AppArmor is that it allows a Learning Mode which logs profile violations without preventing them proactively. The Learning Mode Log eventually helps administrators to create a security profile which forms a much hardened security armor based on an application’s process execution. Default Security policies when clubbed with Learning Mode Logs, help forming security policies for even very complex applications in quick turnaround.

AppArmor proactively protects the operating system and applications from external or internal threats and even zero-day attacks by enforcing a specific rule set on a per-application basis. Security policies completely define what system resources individual applications can access, and with what privileges. Access is denied by default if no profile says otherwise.

Installing and Enabling AppArmor

Though AppArmor comes inbuilt with all Linux Kernels, it is not by default the security profile loaded with every boot. Apparmor can be set as the default security profile on every boot by setting the following parameter on kernel :

apparmor=1 security=apparmor
CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 CONFIG_DEFAULT_SECURITY_APPARMOR=y

To load all AppArmor security profiles on boot, enable apparmor.service.

#apparmor #docker #serverless #cloud-computing #cloud #docker-top-story #hackernoon-top-story #docker-security-with-apparmor

Advanced Docker Security with AppArmor - An Overview

hackernoon.com

Advanced Docker Security with AppArmor - An Overview

For the interest of the organization, it remains extremely crucial to keep not only the Containers but also the hosted applications protected from security threats. By default, a deployed Docker originally remains secured through an auto-generated profile docker-default for its containers.

1.50 GEEK