On 12/17/2012 05:29 PM, Christian Boltz wrote:

> Besides that, John forgot to mention Ux, Px and Cx (and Pix, Cix and 
> PUx). They basically do the same as their lowercase counterparts, but 
> are more secure because they clean the environment variables 
> (LD_PRELOAD, PATH etc.) before executing the "child" program.
> 
> In other words: It's recommended to use the uppercase variant of the 
> exec rules (except if a program really needs unmodified environment 
> variables).
> 

It is recommended to use the uppercase variants, but keep in mind they
do not clean out all environment variables-- only those specified in
glibc's secure-exec (ie, PATH is *not* scrubbed). I wrote up something a
while back discussing this[1].

[1]https://wiki.ubuntu.com/SecurityTeam/AppArmorPolicyReview#Execute_rules

-- 
Jamie Strandboge                 http://www.ubuntu.com/

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to