[apparmor] RFC: handling xdg-open and similar helpers

Vincas Dargis vindrg at gmail.com
Fri Jan 26 16:39:36 UTC 2018


>>>> Or maybe there are, or are going to be implemented, some other alternatives? Maybe upcoming delegation could offer a different approach?
>>>>
>>> Delegation could help some, but we really need to finish with the better control over env var scrubbing; relying on the secure exec flag in glibc isn't enough in some cases.
>>
>> Maybe you mean that the _capital_ C in "Cx" does not help enough here?
>>
> Correct, the env var scrubbing is done by setting a flag in the kernel that the ELF loader/linker responds to, scrubbing certain dangerous environment variables. But script interpreters have their own dangerous set beyond what the ELF loader scrubs; we plan to make it so you can specify additional scrubbing in policy.

I think now I got it. It's not enough to remove LD_PRELOAD and similar. There are more, specific ones...
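To make the gap discussed in this thread concrete, here is an added example (not part of the original message, and not AppArmor or glibc code) that models what loader-only scrubbing leaves in a helper's environment. The variable lists are assumptions: `LOADER_SCRUBBED` is a subset of what glibc drops under secure exec, `INTERPRETER_VARS` is an illustrative, non-exhaustive set, and `exec_helper` is a hypothetical userspace wrapper.

```python
import os

# Subset of the variables glibc's dynamic loader removes when the kernel marks
# the exec as secure (AT_SECURE), as an uppercase "Cx"/"Px" transition does.
LOADER_SCRUBBED = frozenset({
    "LD_PRELOAD", "LD_LIBRARY_PATH", "LD_AUDIT", "LD_DEBUG", "LD_DEBUG_OUTPUT",
    "LD_PROFILE", "LD_ORIGIN_PATH", "GCONV_PATH", "HOSTALIASES", "LOCPATH",
    "NLSPATH", "MALLOC_TRACE", "RES_OPTIONS", "LOCALDOMAIN",
})

# Assumed, illustrative list: variables that make an interpreter load code or
# options from a caller-chosen location. The ELF loader knows nothing of these.
INTERPRETER_VARS = {
    "sh/bash": {"ENV", "BASH_ENV"},
    "python": {"PYTHONPATH", "PYTHONSTARTUP", "PYTHONHOME"},
    "perl": {"PERL5LIB", "PERL5OPT"},
    "ruby": {"RUBYLIB", "RUBYOPT"},
    "node": {"NODE_OPTIONS", "NODE_PATH"},
}

def after_secure_exec(env):
    """Model the environment left once only the loader has scrubbed it."""
    return {k: v for k, v in env.items() if k not in LOADER_SCRUBBED}

def surviving_interpreter_vars(env):
    """Interpreter variables still present after loader scrubbing."""
    left = set(after_secure_exec(env))
    return {name: sorted(vs & left)
            for name, vs in INTERPRETER_VARS.items() if vs & left}

def scrub_for_helper(env):
    """Loader scrubbing plus removal of the interpreter-specific set."""
    extra = set().union(*INTERPRETER_VARS.values())
    return {k: v for k, v in after_secure_exec(env).items() if k not in extra}

def exec_helper(argv):
    """Hypothetical wrapper: exec a script helper with the scrubbed environment."""
    os.execvpe(argv[0], argv, scrub_for_helper(dict(os.environ)))

# Constructed sample environment, as a confined application might pass it on.
SAMPLE_ENV = {
    "PATH": "/usr/bin:/bin", "HOME": "/home/user",
    "LD_PRELOAD": "/tmp/a.so", "BASH_ENV": "/tmp/rc", "PERL5LIB": "/tmp/lib",
}

if __name__ == "__main__":
    print("survives loader scrubbing:", surviving_interpreter_vars(SAMPLE_ENV))
    print("after extra scrubbing:    ", scrub_for_helper(SAMPLE_ENV))
```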


