Hi,
lots of our profiles give access to things like
@{PROC}/@{pid}/[something], which in my understanding:
1. is unnecessarily wide open most of the time: the process often
only needs to gather information about itself, not about any other
process, right?
2. opens the door to side-channel attacks such as Memento:
https://www.cs.utexas.edu/~shmat/shmat_oak12memento.pdf
(hidepid= could help a bit wrt. #2, but the simplistic way in which
it's implemented in the kernel isn't compatible with systemd
currently, so that's not an option for many modern distros.)
=> do we have a variable like @{self} or @{current_pid}, that would
allow us to adjust profiles, so that processes are restricted to read
information about themselves only?
Thanks!
Cheers,
--
intrigeri
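As an added example that is not part of the mail above: a small audit script (my own code, not an AppArmor project tool) that scans profile text for rules under @{PROC}/@{pid}/ (the @{PROC}/*/ and @{PROC}/[0-9]*/ spellings too) and reports whether each rule reaches any process or, through the `owner` qualifier, only processes running under the same uid. The sample profile is constructed and the rule grammar it parses is a deliberately simplified subset.

```python
import re

# One AppArmor file rule such as "  owner @{PROC}/@{pid}/status r,".
# Assumed simplified grammar: optional qualifiers, a path, permissions, comma.
RULE_RE = re.compile(
    r"^\s*(?P<quals>(?:(?:owner|audit|deny)\s+)*)"
    r"(?P<path>@\{PROC\}/(?:@\{pid\}|\*|\[0-9\]\*)/\S*)\s+"
    r"(?P<perms>[a-zA-Z]+)\s*,"
)

# Constructed sample profile, not a profile shipped by any distribution.
SAMPLE_PROFILE = """\
# constructed sample
/usr/bin/example {
  @{PROC}/@{pid}/status r,          # readable for every pid on the box
  owner @{PROC}/@{pid}/cmdline r,   # only procfs entries owned by our uid
  deny @{PROC}/@{pid}/mem rw,       # deny rules grant nothing
  @{PROC}/*/stat r,                 # wildcard pid, same exposure
  /etc/ld.so.cache r,
}
"""


def audit_proc_pid_rules(profile_text):
    """Return (line_no, rule, scope) for each allow rule under /proc/<pid>/.

    scope is "any-pid" when the rule matches every process's entries and
    "same-uid" when the owner qualifier limits it to entries owned by the
    task's own fsuid (procfs entries of other processes with the same uid
    still match, so this is narrower but not "self only").
    """
    findings = []
    for no, line in enumerate(profile_text.splitlines(), 1):
        stripped = line.split("#", 1)[0]  # '#' starts a comment
        m = RULE_RE.match(stripped)
        if not m:
            continue
        quals = m.group("quals").split()
        if "deny" in quals:
            continue
        scope = "same-uid" if "owner" in quals else "any-pid"
        findings.append((no, stripped.strip(), scope))
    return findings


def broad_rules(profile_text):
    """Only the rules that expose information about arbitrary processes."""
    return [f for f in audit_proc_pid_rules(profile_text) if f[2] == "any-pid"]


if __name__ == "__main__":
    for no, rule, scope in audit_proc_pid_rules(SAMPLE_PROFILE):
        print(f"line {no}: {scope:9} {rule}")
```

Run it over the profiles in /etc/apparmor.d to get a list of candidates for narrowing; AppArmor 3.0 and later additionally provide a kernel-supplied @{pid} variable that expands to the calling task's own pid, with @{pids} keeping the old any-pid meaning.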
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor