2013-12-11 22:20:43 |
Jamie Strandboge |
description |
When running oxide, I get the following apparmor denials:
Dec 11 16:16:48 localhost kernel: [234482.172630] type=1400 audit(1386800208.786:2180): apparmor="DENIED" operation="open" parent=22731 profile="com.ubuntu.developer.jdstrand.test-oxide_test-oxide_0.1" name="/tmp/" pid=9220 comm="Chrome_IOThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Dec 11 16:16:48 localhost kernel: [234482.172659] type=1400 audit(1386800208.786:2181): apparmor="DENIED" operation="open" parent=22731 profile="com.ubuntu.developer.jdstrand.test-oxide_test-oxide_0.1" name="/var/tmp/" pid=9220 comm="Chrome_IOThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Dec 11 16:16:49 localhost kernel: [234482.481748]
Oxide seems to work ok otherwise, but these denials are noisy and could cause confusion. Oxide should be honoring TMPDIR first, then fall back to /tmp and /var/tmp if it isn't set. While we could silence the denials like so:
deny /tmp/ r,
deny /var/tmp/ r,
this could break future profiles. |
When running oxide, I get the following apparmor denials:
Dec 11 16:16:48 localhost kernel: [234482.172630] type=1400 audit(1386800208.786:2180): apparmor="DENIED" operation="open" parent=22731 profile="com.ubuntu.developer.jdstrand.test-oxide_test-oxide_0.1" name="/tmp/" pid=9220 comm="Chrome_IOThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Dec 11 16:16:48 localhost kernel: [234482.172659] type=1400 audit(1386800208.786:2181): apparmor="DENIED" operation="open" parent=22731 profile="com.ubuntu.developer.jdstrand.test-oxide_test-oxide_0.1" name="/var/tmp/" pid=9220 comm="Chrome_IOThread" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Dec 11 16:16:49 localhost kernel: [234482.481748]
Oxide seems to work ok otherwise, but these denials are noisy and could cause confusion. Oxide should be honoring TMPDIR first, then fall back to /tmp and /var/tmp if it isn't set. While we could silence the denials like so:
deny /tmp/ r,
deny /var/tmp/ r,
this could break future profiles. Allowing the read allows enumerating files in these directories, which could leak information and should not generally be needed. |
|