Hi,

this is written in the AppArmor wiki (http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference):

===

extended ownership tests (not currently supported)

If the optional equal operator is used, then the test is not against the euid/fsuid but that the object has the same uid as the uid(s) following the equal sign.

 eg.
 owner=fred
 owner=1001
 owner=(fred)
 owner=(fred george)
 owner=(fred 1001)

===

Is this still not supported? If not, when will it be? Is support missing only in the userspace tools or directly in the kernel?

I would like to implement something like grsecurity's 'trusted path execution' (only binaries owned by root can be executed).

Thank you for info and hints.

azur



--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor
