Identifies the AppArmor default profile changes required before shipping RDK to production — including removing the remount capability, and denying access to apparmor_parser, aa-disable, aa-complain and the AppArmor init script.
Tag: Security
Premium App data protection in RDK using AppArmor
How to use AppArmor’s MAC policy with the owner keyword to achieve genuine per-app data isolation in RDK’s WPEFramework — preventing even root from accessing Amazon Prime Video or YouTube data on a shared STB or Smart TV device.