[apparmor] [Merge] lp:~talkless/apparmor/fix_user_download_nonlatin into lp:apparmor
Vincas Dargis
vindrg at gmail.com
Sat Jun 24 15:16:24 UTC 2017
Vincas Dargis has proposed merging lp:~talkless/apparmor/fix_user_download_nonlatin into lp:apparmor.
Requested reviews:
AppArmor Developers (apparmor-dev)
For more details, see:
https://code.launchpad.net/~talkless/apparmor/fix_user_download_nonlatin/+merge/326259
I have noticed that abstractions/user-download profile allows to download into home directory, while protecting dot files:
owner @{HOME}/[a-zA-Z0-9]* rwl,
Though it fails for files with non-latin symbols, tested with /usr/bin/tee copied to /usr/local/bin/testtee with minimal profile using user-download abstraction:
echo "foo" | testtee ~/ąčęėįšųūž
testtee: /home/vincas/ąčęėįšųūž: Permission denied
When file rule is changed into:
owner @{HOME}/[^.]* rwl,
It works as expected:
$ echo "foo" | testtee ~/ąčęėįšųūž
foo
$ echo "foo" | testtee ~/.bashrc
testtee: /home/vincas/.bashrc: Permission denied
--
Your team AppArmor Developers is requested to review the proposed merge of lp:~talkless/apparmor/fix_user_download_nonlatin into lp:apparmor.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: review-diff.txt
Type: text/x-diff
Size: 546 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170624/d22adbc1/attachment.diff>
More information about the AppArmor
mailing list