[pkg-bacula-devel] More defense-in-depth with systemd?

Sven Hartge sven at svenhartge.de
Sun Oct 29 23:12:26 UTC 2017


On 29.10.2017 23:16, Carsten Leonhardt wrote:
> Hi Sven,
> 
>> While doing the other systemd stuff I had another look at the security 
>> measures systemd provides for free and I came up with this for the 
>> directord:
> 
>> So in the end we would only end up with easy protection options for the 
>> directord.
>>
>> Worth doing this? Maybe. Your opinion?

> according to debian-devel, work is being done to enable apparmor by
> default. I think it would make more sense if we would use that.

Yes, I have read about that. Not too thrilled about that when done
hastily and without the support of all DDs. On Ubuntu servers AppArmor
was always a hassle and led to more headaches in the past than I had
liked. So far, to my shame, the fastest solution to get an application
from Vendor X to run on Ubuntu has always been: switch off AppArmor.
The Ubuntu-supplied profiles worked well enough for the base
installation, but you don't install a server just to run ssh and Apache,
do you?

I hope the implementation Debian will use is better and provides more
usable tools for the admin to see why a process does not have the
correct permissions to do X or Y or Z and amend the AppArmor profiles
accordingly without the need to switch it all off, because nothing works
predictably and reliably anymore.

> Until then, we could of course use the systemd-facilities.

In any case, using multiple levels of security, where one complements
the other, is a good idea, IMHO.

I am testing the settings I mentioned earlier at home right now. So far
nothing broke, backups work, restores work, using bconsole works, the
logs get filled and backing up the database works.

Regards,
Sven.
