[conspire] Autorun in GNOME/Nautilus
Ruben Safir
ruben at mrbrklyn.com
Wed Sep 28 03:14:25 PDT 2011
On Wed, Sep 28, 2011 at 09:59:40AM +0000, Nick Moffitt wrote:
> imRunCond expanded to false
> Status: RO
>
> Rick Moen:
> > AppArmor is per-application sandboxing, enforced by a kernel that
> > includes the necessary LSM code.
> >
> > It requires that a 'policy' file exist for any application that's to
> > be corraled in this fashion: The policy file describes various sorts
> > of access that will be permitted or denied to particular pathspecs.
>
> This is an important change from SELinux, which did the right thing from
> a security perspective but entirely the wrong thing from a user
> interface perspective. SELinux prevented EVERYTHING, and you switched
> on permissions as warranted. Unfortunately the procedures for doing
> this weren't widely understood, and admins regularly found themselves in
> a situation where the only information they had was that globally
> disabling SELinux allowed some program to do the work they needed.
>
> Bad scene.
>
> AppArmor does a slightly wrong thing, from a security perspective, in
> that it is default-allow in the set of applications it protects (though
> the profiles themselves are typically written in a default-deny
> fashion). Your hand-compiled program in your home directory isn't
> covered by it, nor is the proprietary vendor-supplied zipfile you opened
> up into the /opt ghetto. But applications that are known to be handling
> risky data or performing sensitive tasks can be locked down to only
> their accepted operational parameters.
>
> This means that admins don't find themselves shutting off apparmor
> just so apache can bind to a funny port. It also means that distros can
> build metre-thick concrete bunkers around programs like evince.
>
> > [1] To get some idea of why Evince needs help, compare its and xpdf's
> > dependencies in my page about PDF readers,
> > http://linuxmafia.com/faq/Apps/pdf-readers.html . (I exclude X11 core
> > libs and also libgcc and friends.)
>
> Have a look at Ubuntu's /etc/apparmor.d/usr.bin.evince profile sometime.
> Kees Cook put a lot of effort into that one, and it's got almost no
> wiggle room at all!
>
are you saying evince can run an executable?
Ruben
> --
> "As I soared high into the tag cloud Xeni Jardin
> carefully put up for me, I couldn't help but wonder how
> high we were above the blogosphere." -- Carlos Laviola
>
> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://l
--
http://www.mrbrklyn.com - Interesting Stuff
http://www.nylxs.com - Leadership Development in Free Software
So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998
http://fairuse.nylxs.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
"Yeah - I write Free Software...so SUE ME"
"The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."
"> I'm an engineer. I choose the best tool for the job, politics be damned.<
You must be a stupid engineer then, because politcs and technology have been attached at the hip since the 1st dynasty in Ancient Egypt. I guess you missed that one."
© Copyright for the Digital Millennium
More information about the conspire
mailing list