Re: AppArmor Security Goal

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[email protected] wrote:
> a question for Crispin,
>   is there a wildcard replacement for username? so that you could
> grant permission to /home/$user/.mozilla...... and grant each user
> access to only their own stuff? I realize that in this particular
> example the underlying DAC will handle it, but I can see other cases
> where people may want to have users more intermixed (say webserver
> files or directories for example)
This is possible, but tricky. There is no internal kernel data structure
for a UID's home dir. That is parsable at policy load time, so we could
enhance the language so that a rule of "~/.plan" expanded into a special
token that corresponded to some table of user home directories at the
time the policy was loaded. But that is racy, as it becomes invalid if
anyone's home dir moves, or any users are added or removed.

Another way to do it is what JJ posted: enhance the rule language so you
can have one rule for files that you own, and a different rule for files
owned by others. The AppArmor community (well, JJ and I :) are debating
the cost/benefit of this: is the added flexibility worth the added
complexity?

Crispin

-- 
Crispin Cowan, Ph.D.               http://crispincowan.com/~crispin
CEO, Mercenary Linux		   http://mercenarylinux.com/
	       Itanium. Vista. GPLv3. Complexity at work

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux