2024-10-21T03:00:12 ok, so how do i remove a user from a mailing list? or does my moderator level not allow me to do that? 2024-10-21T03:02:36 You mean paka ? 2024-10-21T03:02:43 yup. 2024-10-21T03:04:40 AFAIK we cannot do things in that area 2024-10-21T03:04:45 i can view the member list in postorius, but i can’t actually _do_ anything if i need to take moderation action 2024-10-21T03:06:04 granted, never needed to, before now 2024-10-21T08:24:21 *** teepee_ is now known as teepee 2024-10-21T13:56:29 Hi 2024-10-21T13:56:57 Is @cboltz here? 2024-10-21T13:58:34 offline at the moment 2024-10-21T14:14:37 acidsys: I see, thank you 2024-10-21T14:14:55 nurmagosuse: now he's here ;) 2024-10-21T14:15:02 oh 2024-10-21T14:15:15 hi cboltz 2024-10-21T14:18:29 hi 2024-10-21T14:20:03 hope you are doing well today 2024-10-21T14:20:53 I heard you are the one responsible for MAC (apparmor) implementation inside opensuse, is that correct? 2024-10-21T14:21:08 yes 2024-10-21T14:21:17 nice, pleasure to meet you 2024-10-21T14:22:00 im contributor from kicksecure/whonix anonymous os 2024-10-21T14:23:27 we have had this idea before for our system: 2024-10-21T14:23:27 https://www.kicksecure.com/wiki/Apparmor-profile-everything 2024-10-21T14:24:20 ah, I see you already found the apparmor.d project :-) 2024-10-21T14:24:34 :) lol yeah 2024-10-21T14:25:38 how much do you see it possible to have implemented in opensuse? likely soon or faraway or unlikey? 2024-10-21T14:26:34 I use the apparmor.d profiles since more than a year (and have them packaged in home:cboltz) 2024-10-21T14:27:07 so far I have these profiles in complain mode, but the amount of missing permissions isn't too big 2024-10-21T14:27:31 so I'll probably switch them to enforce mode in the near future 2024-10-21T14:27:45 awesome! glad to hear 2024-10-21T14:27:58 the state we want to reach is this: 2024-10-21T14:27:58 https://www.kicksecure.com/wiki/Apparmor-profile-everything#Design 2024-10-21T14:28:05 however, it shouldn't be a big surprise that with a rolling release like Tumbleweed, you'll need to update some profiles from time to time 2024-10-21T14:29:13 Thats true, but thats the future of security, packages can be just installed with trusting the developer code that he messed up something 2024-10-21T14:29:21 cant be* 2024-10-21T14:30:33 so to reduce/remove zero days impact to system wide apparmor or selinux (but little bit harder) must be the default 2024-10-21T14:30:42 right, it's always a good idea to have a profile for a program - even if you trust the developer 2024-10-21T14:30:52 (I even have profiles for some of my own scripts) 2024-10-21T14:35:18 so apparmor profiles on enforce mode and the profiles keep evolving from time to time to fix whatever needed to be fixed. 2024-10-21T14:35:20 as we call it principle of least privilege 2024-10-21T14:35:35 that is on the roadmap? 2024-10-21T14:36:27 well, on my roadmap ;-) 2024-10-21T14:37:00 awesome! 2024-10-21T14:37:33 for Tumbleweed, there are plans to have SELinux as default for new installations - but AppArmor will still be supported (and since I'm a heavy AppArmor user, I will continue to support it) 2024-10-21T14:38:09 so that users can choose whatever they prefer 2024-10-21T14:39:06 yeah all good any MAC is good, SELinux is good as well but its harder to play with. 2024-10-21T14:39:06 idea is no package to be installed and trust the developer code 2024-10-21T14:40:53 can you ping me when all enforced level enters tumbleweed? or like a page i can follow the progress where it is going? 2024-10-21T14:42:12 entering tumbleweed will probably take a while - so far, only a few people test the apparmor.d profiles 2024-10-21T14:42:57 and the package will probably be opt-in (you'll have to explicitely install it) because with so many profiles, there will be a few profiles that annoy the users 2024-10-21T14:44:33 true, sadly the way that packages are being installed into the distros is just horrible, full blind trust 2024-10-21T14:45:47 yeah free software is that first correct step to do, but just because its free software doesnt mean it has no vulnerabilities,backdoors..etc 2024-10-21T14:46:27 android for example has way much better security than any distro i know so far 2024-10-21T14:47:32 the reason why I want users to explicitely install the package if they really want it is somewhat different: 2024-10-21T14:48:07 if I'd trigger installation automatically via a dependency, people would get angry at AppArmor and not only uninstall the apparmor.d package, but maybe also disable AppArmor 2024-10-21T14:48:51 OTOH, if they chose to install more profiles, they hopefully know what they are doing, and probably also know how to handle denials (even if they "just" open a bugreport) 2024-10-21T14:52:43 Yeah thats the point here, users need to know that some permissions are just bad to have but if you want to do it, feel free to. but default is secure and tied. 2024-10-21T14:52:46 e.g i want to download file directly into the /home or /root folder from firefox = no, you want to do that then do your manual work to allow it 2024-10-21T14:54:43 right, that's the secure way - and it's the way a distro like kicksecure which has security as its main claim can and should do it. Users expect security by default, even if it's sometimes a bit annoying 2024-10-21T14:55:13 I'd love to do the same for openSUSE, but somehow I'm afraid that some users would get angry ;-) 2024-10-21T14:56:26 that's the difference between "security-focused distributions" and "normal distributions" (which of course should also be secure, but they have to keep the balance between security and not upsetting users) 2024-10-21T14:58:12 tbh look at the big corps operating systems like windows or mac, tons of changes they make that angry the users but does that changes anything? very unlikely 2024-10-21T14:59:41 big corps operating systems do quite well at vendor lock-in, so people continue to use it even if they get upset. with a Linux distribution people will just move on to the next 2024-10-21T15:01:03 that, or they'll disable AppArmor completely - which is worse than installing only well-tested profiles by default, and let people opt in if they want more profiles (that might sometimes be a bit annoying) 2024-10-21T15:02:53 well if the choice is keep the users safe and maybe get some upset (at least at the beginning) VS keep them happy but insecure well not sure the insecure is the right answer in nowadays hacks every minute around the world 2024-10-21T15:04:01 if someone disabled the apparmor then he got hacked after, nobody gonna blame opensuse or any developer 2024-10-21T15:04:24 it's indeed hard to find the right balance - and personally, I always prefer the secure way 2024-10-21T15:04:31 but you know, users ;-) 2024-10-21T15:05:06 they indeed won't blame openSUSE if they disabled AppArmor 2024-10-21T15:05:11 you lock everything down, and expect folks to learn how to work within the security framework, and they're just going to use something else. 2024-10-21T15:05:30 but as long as they don't get hacked, but a profile blocks them from doing something, they can be quite angry ;-) 2024-10-21T15:05:58 on the other hand if opensuse by default has this issue we cant blame the user to figure out how to secure himself, we just say opensuse is insecure by default. 2024-10-21T15:06:16 define openSUSE. 2024-10-21T15:06:28 saying "openSUSE is insecure" is a meaningless statement. 2024-10-21T15:06:51 there isn't a single person out there, that I'm aware of that has "openSUSE" installed. 2024-10-21T15:08:13 user x installed y package from tumbleweed distro, he got hacked because there was a backdoor in that package = tumbleweed insecure by default, doesnt has the right protections measures, period. 2024-10-21T15:08:47 That would be correct for Tumbleweed, in that instance. It may not be true for Leap, MicroOS, Leap Micro, Aeon, Slowroll, or Kalpa. 2024-10-21T15:09:16 when i say opensuse i mean tumbleweed or leap or anything, doesnt matter which, we are talking about the security concept itself 2024-10-21T15:09:33 nurmagosuse: depends where the package came from, I've never had any issues for the 20 odd years I've been using S.u.S.E, SLE and openSUSE... 2024-10-21T15:09:36 Extrapolating an "insecurity" in Tumbleweed does not necessarily imply that it applies to all distributions supplied by the project. 2024-10-21T15:10:43 malcolmlewis: XZ backdoor went into tumbleweed, thats just recently, you can take it as an example and can be done by any other package/app 2024-10-21T15:11:11 nurmagosuse: give me physical access to any system and I'll own... 2024-10-21T15:11:17 While we're on the subject, why is this conversation happening in here? 2024-10-21T15:11:24 This belongs in -factory or -chat 2024-10-21T15:11:29 have no idea... 2024-10-21T15:11:35 maybe -security, if that exists? 2024-10-21T15:12:12 SFaulken: if a package installed without MAC defining it on any distro, it will has the same effect. 2024-10-21T15:12:38 SFaulken: oh sorry 2024-10-21T15:12:38 nurmagosuse: head over to chat... 2024-10-21T15:13:00 #apparmor on oftc is probably a better place ;-) 2024-10-21T15:13:13 that said - I have to leave for a while 2024-10-21T15:13:15 see you later! 2024-10-21T15:14:00 apologize, just wanted to chit chat about apparmor implementation in opensuse with cboltz 2024-10-21T15:14:38 This channel is mostly intended for the infrastructure folks to collaborate, not really for project development. 2024-10-21T15:16:10 oh i see, i couldnt find apparmor room tbh, but will add chat room 2024-10-21T15:22:46 #apparmor is on OFTC 2024-10-21T22:34:17 *** teepee_ is now known as teepee