[apparmor] [RFC] handling XDG user directories

Jamie Strandboge jamie at canonical.com
Mon Aug 12 18:44:49 UTC 2013 

On 08/10/2013 03:46 PM, Christian Boltz wrote:
>>>  * apparmor-xdg-dirs.py: this takes the output of 'locale -a' and
> 
> I'm afraid this will result in a bit too much ;-)
> 
> On my system, locale -a gives me 270 locales from aa_DJ to zu_ZA 
> (and I even dropped suffixes like @euro or .utf-8 - with them, I get 460 
> locales) [1]
> 
> In other words: this should be configurable:
> a) autogenerate for all installed languages (which would be a lot on my 
>    system)
> b) autogenerate for all languages in $config_option
> c) similar to b), but somehow automated (on openSUSE, you can choose to 
>    install for example "all german translations" in YaST - this should 
>    also add the german XDG dirs to apparmor)
> d) do not autogenerate anything
> 
> Option a) might even result in too many permissions - I'm quite sure in 
> one of the 270 locales I have, for example ~/downloads translates to a 
> directory name I have, and that should not be accessible ;-)
> 
> The perfect solution would be to only allow the directory names in each 
> user's language (so the profile would have /home/cb/Dokumente/ and 
> /home/english/documents/ for example) - but I know that's not really 
> easy to implement ;-)

Note that apparmor-xdg-dirs.py is but one tool-- the apparmor project itself
would not dictate how a distribution would use it. That said,
apparmor-xdg-dirs.py currently strips off everything before the first '.' so
en_NG and
en_NG.utf8 are not counted twice. Furthermore, while all translations for a
particular language are evaluated, what is actually output are only the unique
translations for each dir. Ie, of your 270 installed locales (that is a lot!),
if there are only 8 unique translations for XDG_DOWNLOAD_DIR between them, only
those eight are output.

As for 'a' being too many permissions-- that is conceivably true though I would
argue that since this is system policy and system installed locales, then they
all should be represented. Admins can choose to not install the extra locales or
even modify their policy. I suppose these tools could grow an option to honor a
config file though. This would allow distribution to integrate the tool but set
the default how they wish, and allow admins to override the distribution default.

-- 
Jamie Strandboge                 http://www.ubuntu.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130812/e4073a1c/attachment.pgp>

More information about the AppArmor mailing list