Apparmor is a neat little utility which can help give an extra layer of protection for your applications. You basically create a profile for an application, and that dictates what the application is allowed to do. If there is a zero-day exploit for that application, it could stop the application from gaining access and elevating ones privileges. For a more overall picture on apparmor you can visit this site.
The first step in using apparmor is to download some pre-built profiles, and to download the utils package so you have the ability to create profiles. This is done with (on debian based machines) the command:
sudo apt-get install apparmor-utils apparmor-profiles
For this test case, let’s create a profile for the recently installed version of rtorrent. So the first thing we would do is to create a profile for the application.
sudo aa-genprof ~/bin/rtorrent
That will create the profile, and put it into “complain” mode. This process is a little simpler if you utilize screen. Basically just run screen, and with the hot-key combinations so you can create a new window. Use the hotkeys to navigate between the screens.
screen
tail -f /var/log/syslog
ctrl a, then c
In the secondary window attempt to run rtorrent. It will probably fail right away with an error similar to the following:
rtorrent: Could not allocate socket for listening.
So one would have to edit the profile to fix this issue.
sudo aa-logprof path.to.rtorrent.profile
Then answer the questions, granting access as required.
This will require some tweaking for sure. So when you have the application opened, do all of the work you require (or attempt to). All of the issues will be saved to your /var/log/syslog. Then run the aa-logprof to fix up your profile.