[apparmor] [PATCH 20/31] parser: Remove prints and exits from features code
Christian Boltz
apparmor at cboltz.de
Fri Jan 23 18:44:27 UTC 2015
Hello,
On Thursday, 22 January 2015, Steve Beattie wrote:
> On Thu, Jan 22, 2015 at 04:23:00PM -0600, Tyler Hicks wrote:
> > We don't know what a program linking to libapparmor will do with
> > stdout/stderr so I don't know if debug logging to those streams is
> > helpful.
stderr doesn't sound too bad, but it might be lost in some situations (like
starting a program via its desktop icon).
> > Maybe in the near future we could add a debug build option to
> > libapparmor and have it support an env variable that specifies a
> > file path to open and log debug messages to?
>
> That would be a very nice improvement indeed.
Would it also be a secure improvement? ;-)
Basically, that feature would allow overwriting any file if an attacker
is able to inject an environment variable...
Possible options IMHO:
- random file names via mktemp (optionally using the env var as a template)
- hardcoded log path /var/log/apparmor/libapparmor, with the loglevel set
  via env vars (that's what the utils do, BTW)
- use syslog
Regards,
Christian Boltz
--
Everything will be fine. Nothing will get better. :-)
[Ratti in fontlinge-devel]
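Added example (not code from this thread or from libapparmor) sketching the second option listed above: the log path is a compiled-in constant, only the verbosity is read from the environment, the environment is ignored entirely for set-user-ID callers, and an unopenable log file falls back to syslog. The function names, the "error"/"debug" level values and the path are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

/* Hypothetical names and path, not libapparmor's real API. */
#define DEBUG_LOG_PATH "/var/log/apparmor/libapparmor"

enum debug_level { DBG_OFF = 0, DBG_ERROR = 1, DBG_DEBUG = 2 };

/* Only the verbosity comes from the environment; anything unknown or
 * missing means "off", so a stray variable cannot turn logging on. */
enum debug_level parse_debug_level(const char *val)
{
    if (val && strcmp(val, "error") == 0)
        return DBG_ERROR;
    if (val && strcmp(val, "debug") == 0)
        return DBG_DEBUG;
    return DBG_OFF;
}

/* The path is compiled in, never taken from the caller. O_NOFOLLOW refuses
 * a symlink planted at the log path, O_APPEND never truncates, O_CLOEXEC
 * keeps the fd out of children. Returns -1 if it cannot be opened. */
int open_debug_log(const char *path)
{
    return open(path, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW | O_CLOEXEC,
                0640);
}

/* A set-user-ID program linking the library must ignore its environment
 * entirely; glibc's secure_getenv() performs the same kind of check. */
int env_is_trusted(void)
{
    return getuid() == geteuid() && getgid() == getegid();
}

/* Returns the level in effect and stores the log fd in *fd, or -1 when
 * logging is off or the file is unavailable and syslog is used instead. */
enum debug_level debug_log_init(const char *env_value, int *fd)
{
    enum debug_level lvl = env_is_trusted() ? parse_debug_level(env_value) : DBG_OFF;
    *fd = -1;
    if (lvl != DBG_OFF && (*fd = open_debug_log(DEBUG_LOG_PATH)) < 0)
        openlog("libapparmor", LOG_PID, LOG_DAEMON); /* syslog fallback */
    return lvl;
}
```

A caller would pass `getenv("LIBAPPARMOR_DEBUG")` (assumed variable name) as `env_value`; a value such as a file path is simply treated as "off" rather than being opened.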