#include <tunables/global>

# AppArmor profile for Tako VM containers
# This provides mandatory access control to restrict /proc access
#
# Installation:
#   sudo cp tako_vm/apparmor_profile.txt /etc/apparmor.d/tako-vm
#   sudo apparmor_parser -r /etc/apparmor.d/tako-vm
#
# Usage in worker.py:
#   cmd.append("--security-opt=apparmor=tako-vm")

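profile tako-vm flags=(attach_disconnected,mediate_deleted) {
  # attach_disconnected: still mediate files whose path is no longer reachable
  # from the namespace root (common under container mount namespaces).
  # mediate_deleted: keep applying the rules to files that were unlinked after
  # being opened.
  #include <abstractions/base>
  #include <abstractions/python>

  # Allow reading most of /proc. Read-only: nothing in this profile grants
  # write access to /proc, so /proc/sys/* and /proc/sysrq-trigger stay
  # unwritable.
  /proc/** r,

  # DENY access to sensitive /proc paths.
  # deny rules win over the broad /proc/** allow above, so each entry carves a
  # hole out of it. The /proc/self/* forms are kept for readability; the kernel
  # normally resolves /proc/self to /proc/<pid> before AppArmor mediates the
  # path, so the /proc/*/ forms should already cover them (confirm on the
  # target kernel).
  deny /proc/*/environ r,
  deny /proc/self/environ r,
  # NOTE(review): this blocks listing the fd directory and readlink() on its
  # entries (learning which files other processes hold open). Opening
  # /proc/<pid>/fd/N follows the magic link and is mediated against the
  # target's own path, which then has to match a rule below.
  deny /proc/*/fd/** r,
  deny /proc/self/fd/** r,
  deny /proc/*/exe r,
  deny /proc/self/exe r,
  deny /proc/*/cmdline r,
  deny /proc/self/cmdline r,

  # The same data is exposed per thread under /proc/<pid>/task/<tid>/, which
  # the rules above do not match (a single * never spans a path component).
  # /proc/thread-self resolves there as well.
  deny /proc/*/task/*/environ r,
  deny /proc/*/task/*/fd/** r,
  deny /proc/*/task/*/exe r,
  deny /proc/*/task/*/cmdline r,

  # Kernel memory image. Container runtimes usually mask it already; this
  # keeps it unreadable if that masking is absent.
  deny /proc/kcore r,

  # Allow normal operations: code and input are read-only, only the output
  # tree and /tmp are writable, and none of them is executable.
  /code/** r,
  /input/** r,
  /output/** rw,
  /tmp/** rw,

  # Python runtime. ix: the interpreter runs under this same profile rather
  # than transitioning to another one.
  /usr/bin/python* rix,
  /usr/lib/python*/** r,
  /usr/local/lib/python*/** r,

  # System libraries (m = may be mmap'ed executable, needed for shared objects).
  # /usr/lib/** mr also covers the python* rule above; /etc/ld.so.cache is
  # also granted by abstractions/base. Both are kept for explicitness.
  /lib/** mr,
  /usr/lib/** mr,
  /etc/ld.so.cache r,

  # Allow network (if needed). TCP and UDP over IPv4/IPv6; no raw sockets and
  # no unix-domain networking beyond what abstractions/base provides.
  network inet stream,
  network inet6 stream,
  network inet dgram,
  network inet6 dgram,

  # Deny dangerous capabilities. The profile grants no `capability` rule at
  # all, so under enforce mode every capability is already refused; the
  # explicit deny entries document the intent and, being deny rules, keep
  # those refusals out of the audit log.
  deny capability sys_admin,
  deny capability sys_module,
  deny capability sys_rawio,
}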
