Re: AppArmor Security Goal

From: Dr. David Alan Gilbert
Date: Sat Nov 10 2007 - 18:47:20 EST

Next message: Alan Cox: "Re: AppArmor Security Goal"
Previous message: david: "Re: AppArmor Security Goal"
In reply to: david: "Re: AppArmor Security Goal"
Next in thread: Alan Cox: "Re: AppArmor Security Goal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* david@xxxxxxx (david@xxxxxxx) wrote:
That I wrote:
> >If the adminisrator set something up with (2) as the starting point it
> >would seem reasonable for the user to be able to add the ability to edit
> >documents in extra directories for their style of organising documents
> >they work on; but they would be restricted in what they could add
> >so that they couldn't add the ability to write to their settings
> >files.
>
> but how can the system know if the directory the user wants to add is
> reasonable or not? what if the user says they want to store their
> documents in /etc?

I was assuming that in a system where the user can add stuff to
the profile the administrator would be able to either grant or exclude
paths that the user was able to add.

Dave
--
-----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert | Running GNU/Linux on Alpha,68K| Happy \
\ gro.gilbert @ treblig.org | MIPS,x86,ARM,SPARC,PPC & HPPA | In Hex /
\ _________________________|_____ http://www.treblig.org |_______/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: AppArmor Security Goal"
Previous message: david: "Re: AppArmor Security Goal"
In reply to: david: "Re: AppArmor Security Goal"
Next in thread: Alan Cox: "Re: AppArmor Security Goal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]