[apparmor] File permission mode
Christian Boltz
apparmor at cboltz.de
Mon Mar 1 19:36:30 UTC 2021
Hello,
Am Montag, 1. März 2021, 16:40:56 CET schrieb Indhuja A V S:
> I have the following questions regarding file permission access modes,
>
> a) Why multiple writes are used in "/dev/shm/* rww" and
> "/dev/shm/filename www"? What difference does it make by using
> multiple writes instead of a single write?
rw and rrrrrwwwwwww have the same meaning - rw.
Nevertheless, I'd call repeating permissions a (harmless) bug in the
profile. So if you found them in a profile, please ask the profile
author to collapse rww to rw and www to w.
> b) What is the difference between rwk and krw? I can understand that
> order of execution is different but how is it useful?
No difference, the file permissions can be specified in any order you
want.
The only restriction are exec rules - for example, changing Px to xP
would be invalid syntax. (Other permissions can be ordered as you want -
mrPx, Pxrm, rPxm and even mmmrrrrmmPxmm have the same meaning.)
Regards,
Christian Boltz
--
Please, if this thread gets more than 10 posts long and delves into
anecdotes about systems deployed in army conflicts in the 1970s,
please delete it.
[gumb in opensuse-users]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20210301/2d07f340/attachment.sig>
More information about the AppArmor
mailing list