[apparmor] Firefox profile and ~/Downloads, ~/Public folders permission.

Seth Arnold seth.arnold at canonical.com
Sun Apr 28 21:23:36 UTC 2013


On Sun, Apr 28, 2013 at 04:05:30PM +0200, Daniel Curtis wrote:
> Default profile allows downloads to ~/Downloads and uploads from ~/Public,
> right? So, what should I do or add to achieve this functionality. For now I
> can upload and download files everywhere I want. I would like to achieve
> that the profile will block (permission denied etc.) any attempts to save
> files in another directory.
> 
> I've added a one option after owner$[HOME] mentioned above, but it did not
> work;
> 
> ,-----[ added option ]
> | deny @{HOME}/ r,
> `-----
> 
> Generally; I would like to achieve situation where Firefox/user can not
> save file anywhere; just in Download directory.

Hello Daniel,

Note that AppArmor doesn't know anything about "uploading" or
"downloading" -- it just knows permissions. Thus your user can
"download" from Firefox to any location that the profile grants write
permissions. (Read permission on the containing directory makes the
dialog box a lot easier to use, though I don't think it is strictly
necessary.)

The "deny @{HOME}/ r," line that you added would only slightly
complicate a "save" dialog box -- the home directory would not be
"visible" in the file browser, but it would probably not prevent the
user from saving files anywhere underneath the directory, in a location
with write access.

We have plans for preparing trusted helper programs that can supply a
new "file save" dialog box, and allow saving files somewhere outside of
the profile -- but wheather or not this will ever make sense for a
desktop Firefox is another question. (Firefox is complex; modifying the
dialog boxes in this manner is going to be difficult to do correctly.)

The best you can do is check the profile limits writes where you do not
want them to happen. Prevening writes to some locations make break
Firefox functionality, so be sure to test each change as you make it.

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130428/a9239f0d/attachment.pgp>


More information about the AppArmor mailing list