[apparmor] [PATCH 1/2] add new xdg-desktop abstraction

Steve Beattie steve at nxnw.org
Wed Jan 11 12:04:24 UTC 2012 

On Wed, Jan 11, 2012 at 12:56:23PM +0100, Steve Beattie wrote:
> On Wed, Jan 11, 2012 at 12:45:36PM +0100, Jamie Strandboge wrote:
> > A bug[1] was filed in Ubuntu to add the following to the audio
> > abstraction:
> > @{HOME}/.config rw,
> > 
> > The logic was that in the audio abstraction we have the following:
> > @{HOME}/.cache/event-sound-cache.* rw,
> > 
> > so the logic follows that if this rule is in the abstraction, then
> > if .config didn't exist, it must be created. While I understand the
> > reasoning, it didn't feel quite right, so Steve, John and I discussed
> > this and came up with the idea that we should create an xdg-desktop
> > abstraction based on the upstream documentation[2]. Attached patch adds
> > this abstraction.
> 
> Acked-By: Steve Beattie <sbeattie at ubuntu.com>

Actually, poking at this more, we already have
abstractions/freedesktop.org which also covers access to some of
the xdg-desktop stuff, though it's almost all read-only access
(.recently-used.xbel* is the exception). Perhaps we should unify these?

Or do you think it's valuable to separate out write access to a distinct
abstraction?

> > [1]https://launchpad.net/bugs/914386
> > [2]http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
> > 
> > -- 
> > Jamie Strandboge             | http://www.canonical.com
> 
> > === added file 'profiles/apparmor.d/abstractions/xdg-desktop'
> > --- profiles/apparmor.d/abstractions/xdg-desktop	1970-01-01 00:00:00 +0000
> > +++ profiles/apparmor.d/abstractions/xdg-desktop	2012-01-11 11:07:19 +0000
> > @@ -0,0 +1,24 @@
> > +# vim:syntax=apparmor
> > +# ------------------------------------------------------------------
> > +#
> > +#    Copyright (C) 2012 Canonical Ltd.
> > +#
> > +#    This program is free software; you can redistribute it and/or
> > +#    modify it under the terms of version 2 of the GNU General Public
> > +#    License published by the Free Software Foundation.
> > +#
> > +# ------------------------------------------------------------------
> > +
> > +  # Entries based on:
> > +  # http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
> > +
> > +  owner @{HOME}/.cache/ rw,
> > +
> > +  owner @{HOME}/.config/ rw,
> > +
> > +  owner @{HOME}/.local/ rw,
> > +  owner @{HOME}/.local/share/ rw,
> > +
> > +  # fallbacks
> > +  /usr/share/ r,
> > +  /usr/local/share/ r,
> 
> -- 
> Steve Beattie
> <sbeattie at ubuntu.com>
> http://NxNW.org/~steve/



> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor


-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120111/c13962f1/attachment.pgp>

More information about the AppArmor mailing list