[apparmor] Reading locally stored html files

Jamie Strandboge jamie at canonical.com
Fri Jan 11 16:24:32 UTC 2013

On 01/11/2013 07:28 AM, Aaron Lewis wrote:
> Hi,
> Was it safe to allow chromium to read locally stored html files, 
> with:
> /{**,}/*.{css,xml,gif,png,jpg,jpeg,html,htm} r,
> Or what you suggest on things like this?
> (The one Jamie created doesn't include such thing yet)
It really depends on site requirements and it is difficult to predict
those for others. Browsers are very powerful programs and typically can
display a lot of different file types. If you were going to go this
root, you would likely need to allow for upper and lower case. My
preference is that the core profile should be highly restricted and only
allow access to certain directories like it does now:
  # Default profile allows downloads to ~/Downloads and uploads from
  # ~/Public
  owner @{HOME}/ r,
  owner @{HOME}/Public/ r,
  owner @{HOME}/Public/* r,
  owner @{HOME}/Downloads/ r,
  owner @{HOME}/Downloads/* rw,

The site administrator can then tailor the profile directly or via
/etc/apparmor.d/local/usr.bin.chromium and distribution can include an
abstraction that they control to extend the policy as desired. This
seems to offer the right message that as an upstream, we want to ship a
quite restrictive profile but also provide flexibility for admins and
distributors of apparmor.

Jamie Strandboge                 http://www.ubuntu.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130111/a85c367f/attachment.pgp>

More information about the AppArmor mailing list