[apparmor] [PATCH] 0/10 abstraction updates
Kees Cook
kees.cook at canonical.com
Thu Dec 23 18:55:31 GMT 2010
On Thu, Dec 23, 2010 at 10:05:27AM -0800, John Johansen wrote:
> On 12/22/2010 09:30 AM, Kees Cook wrote:
> > On Tue, Dec 21, 2010 at 04:06:38PM -0600, Jamie Strandboge wrote:
> >> On Tue, 2010-12-21 at 15:50 -0600, Jamie Strandboge wrote:
> >>
> >>> 0002-user-downloads.patch
> >>
> >> abstractions/user-download:
> >> - fix typo for Desktop (should be Desktop/)
> >> - require owner match
> >> - allow writes to @{HOME}/[dD]ownload{,s}
> >
> > ACK. Of note, though, is that these directories can be localized. :(
> > But the abstraction is better than nothing...
> >
> Kees localized as in have a separate that can be looked up.
Right, the xdg-user-dirs package creates the common set of XDG directories,
based on the user's locale, so it's different for each user.
> The currently limitation is that it would be in the root users
> locale not the users, which I don't have a solution for
Yeah, which is why I didn't NAK the abstraction update -- there is no sane
way to deal with it at the moment.
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the AppArmor
mailing list