[pkg-apparmor] APT 1.1~exp3 released to experimental: First step to sandboxed fetcher methods

intrigeri intrigeri at debian.org
Tue Oct 7 13:37:54 UTC 2014


Hi,

> Today, we worked, with the help of ioerror on IRC, on reducing the
> attack surface in our fetcher methods.

\o/

> There are three things that we looked at:

>   1. Reducing privileges by setting a new user and group
>   2. chroot()
>   3. seccomp-bpf sandbox

I'm part of the Debian AppArmor team (Cc'd).

Would it be interesting to have AppArmor profiles that ensure that
e.g. the download methods can only access the files they are supposed
to access? (I don't have the APT privilege separation big picture
in mind.)

Cheers,
--
intrigeri


