[apparmor] [PATCH] make private-files* more strict
Steve Beattie
steve at nxnw.org
Fri Jan 7 18:44:44 UTC 2011
On Fri, Jan 07, 2011 at 10:56:23AM -0600, Jamie Strandboge wrote:
> A bug was reported in Ubuntu[1] regarding disallowing access to
> autostart directories. This patch takes that slightly farther and does:
>
> abstractions/private-files: don't allow wl to autostart directories
> abstractions/private-files-strict: don't allow access to:
> - chromium
> - thunderbird
> - evolution
> - kmail
> - kwallet
>
> Nominated for 2.5. I'd be happy to see more additions to private-files*
> as they are blacklists and therefore not complete, but at least with
> this patch we add some important restrictions to kde, chromium and gui
> email files (the intended focus being on passwords).
I generally support this idea; however, you forgot to attach your patch.
:-)
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110107/ec6d7ff5/attachment.pgp>
More information about the AppArmor
mailing list