Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook

[Jeremy Maitin-Shepard]

Jeremy Maitin-Shepard <jbms@xxxxxxx> writes:

> [snip]

> Well, my point was exactly that App Armor doesn't (as far as I know) do
> anything to enforce the argv[0] convention, nor would it in general
> prevent a confined program from making a symlink or hard link.  Even
> disregarding that, it seems very fragile in general to make an suid
> program (there would be no point in confining the execution of a
> non-suid program) perform essentially access control based on argv[0].

Note that by "confining the execution of a non-suid program", I mean
defining an App Armor profile that prevents the execution of a
particular non-suid program, unless of course the program file itself
contains secret information, which is irrelevant to this discussion.

-- 
Jeremy Maitin-Shepard
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/