AppArmor Profile for TBB.
AppArmor is a Linux MAC. It is enabled by default in Ubuntu.
The primary goal of confining TBB is to prevent an exploit in Firefox to leak the IP address. Is this even possible?
Do we need something like http://rudy.mif.pg.gda.pl/~bogdro/soft/#lhip ?
Even without that, AppArmor still is useful. For example you can easily protect files in your home folder and prevent persistent exploitation.
sudo apt-get install apparmor-utils
sudo aa-genprof tor-browser_en-US/App/vidalia
sudo aa-genprof tor-browser_en-US/App/tor
sudo aa-genprof tor-browser_en-US/App/Firefox/firefox
Profiles are stored in:
(adrelanos) Before it gets purged from pastebin someday, I made a backup on github, but don't plan development:
<a href="https://github.com/adrelanos/Inoffical-TBB-AppArmor"><img style="position: absolute; top: 0; right: 0; border: 0;" src="https://s3.amazonaws.com/github/ribbons/forkme_right_red_aa0000.png" alt="Fork me on GitHub"></a>