[apparmor] Apparmor profile query

Thu, 25 Mar 2021 07:05:22 -0700

 

Hi Team,

 

I have a query regarding file access permissions on Apparmor profiles.

 

Here ‘sample.c’ is a C program and ‘sample’ is the binary executable obtained on running it.

 

‘/usr/bin/sample rw, ’ is one of the policies mentioned in an Apparmor profile.

 

My process which has Apparmor profile defined, accesses this ‘sample’ binary to fetch a value from it.

 

  1. Why do I not have execute permission x in my profile for the binary and just rw ?
  2. Isn't it supposed to be ‘/usr/bin/sample rwx’, as the binary file needs to be executed by the process ?

 

Could someone please guide?

 

 

Thanks,

Tarunikaa

-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to