[apparmor] prompt qualifier?

Steve Beattie steve at nxnw.org
Fri Nov 9 19:18:41 UTC 2012


On Fri, Nov 09, 2012 at 09:17:11AM -0800, John Johansen wrote:
> With the work on trusted userspace helpers now proceeding, it raises the
> question as to whether profiles should be able to provide hints to the
> helper what resources can be asked for.
> 
> Take for example a trusted file picker that will be used to extend a
> sandboxed application
> 
> The file picker could extend the sandbox with anything that it can access,
> but we may want to be able to tell the trusted file picker that the profile
> should only be able to ask for a certain type/set of files.
> 
> We could do this by extending the profile syntax with an "ask" or "prompt"
> qualifier (or some other word that better matches the intent). It would be
> mutually exclusive to the deny/allow qualifier and a lower priority so that
> any allow or deny rule would override it.
> 
>   eg.
> 
>      prompt @{HOME}/Documents/** rw,
> 
> would allow a profile to specify that the trusted picker can be used to
> pick files from the user's documents.

Supposing that this was in place, would the file picker then not even
offer to open files outside of the @{HOME}/Documents/** tree? I'm
trying to see what this enables in the file picker by adding this
keyword.

> We do need to be careful with this as the kernel can't enforce this, nor will
> it be available for all types (capabilities, ...), nor will it even work
> for regular file accesses, only for applications that go through an API to
> reach the trusted picker.
> 
> There is the possibility of extending this for some permission requests as
> a kernel call out to a userspace daemon at some point in the future, but
> that is NOT what I am proposing providing atm nor should we assume such
> an ability will ever happen.

Sure.

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
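As an added illustration of the precedence John describes (any allow or deny rule overrides a prompt rule), here is a small Python model of how a trusted file picker could consult such rules. This is not code from the thread or from AppArmor: the `prompt` syntax is only proposed, the profile fragment and the `@{HOME}` value are constructed, and the model assumes deny beats allow as in existing AppArmor.

```python
import re

# Constructed profile fragment using the proposed "prompt" qualifier
# (hypothetical syntax from the thread, not shipped AppArmor behaviour).
PROFILE = """
  deny @{HOME}/Documents/private/** rw,
  @{HOME}/.config/app/** rw,
  prompt @{HOME}/Documents/** rw,
"""
VARIABLES = {"@{HOME}": "/home/alice"}  # constructed value
# A rule without a qualifier is an allow rule, as in AppArmor.
RULE_RE = re.compile(r"^\s*(?:(deny|allow|prompt)\s+)?(\S+)\s+([a-z]+),\s*$")

def glob_to_regex(pattern):
    """Approximate AppArmor globbing: '**' may span '/', '*' may not."""
    for name, value in VARIABLES.items():
        pattern = pattern.replace(name, value)
    out, i = "", 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out += ".*"; i += 2
        elif pattern[i] == "*":
            out += "[^/]*"; i += 1
        else:
            out += re.escape(pattern[i]); i += 1
    return re.compile("^" + out + "$")

def parse_profile(text):
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if m:
            qualifier, path, perms = m.groups()
            rules.append((qualifier or "allow", glob_to_regex(path), set(perms)))
    return rules

def classify(rules, path, perm):
    """Return 'deny', 'allow', 'prompt' or 'unmatched' for one access.
    deny > allow > prompt: an explicit allow or deny always wins over prompt."""
    matched = {q for q, rx, perms in rules if perm in perms and rx.match(path)}
    for q in ("deny", "allow", "prompt"):
        if q in matched:
            return q
    return "unmatched"

def picker_may_offer(rules, path, perm="r"):
    """One reading of the proposal: the picker only offers paths the sandboxed
    app may already use, or that the profile marks as promptable."""
    return classify(rules, path, perm) in ("allow", "prompt")
```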