On Wed, 25 Apr 2012, [email protected] wrote:
> +/usr/sbin/tor {
> + #include <abstractions/base>
> + #include <abstractions/nameservice>
> +
> + network tcp,
> +
> + capability chown,
> + capability dac_override,
> + capability fowner,
> + capability fsetid,
> + capability setgid,
> + capability setuid,
> +
> + /proc/sys/kernel/random/uuid r,
> + /sys/devices/system/cpu/ r,
> + /sys/devices/system/cpu/** r,
> +
> + /etc/tor/* r,
> + /usr/share/tor/** r,
> +
> + owner /var/lib/tor/** rwk,
> + owner /var/log/tor/log* w,
> +
> + /{,var/}run/tor/control w,
> + /{,var/}run/tor/tor.pid w,
> + /{,var/}run/tor/control.authcookie w,
> + /{,var/}run/tor/control.authcookie.tmp rw,
> +
> + # Site-specific additions and overrides. See local/README for details.
> + #include <local/usr.sbin.tor>
> +}
> diff --git a/debian/control b/debian/control
> index 4acf32a..e6e58ab 100644
On Sat, 19 May 2012, intrigeri wrote:
> > Please include AppArmor profile in the Tor Debian package.
>
> Ping?
Hi.
I'm not exactly sure how apparmor profiles work, but I wonder whether
this profile is complete.
- What about any UDP traffic that tor might cause (resolving hostnames)?
- Does it not need to read from various nodes in /dev, like the randoms?
Is that included by default?
- Why does it not have complete control over its /var/run/tor directory?
Why is it different from /var/lib/tor?
- Why do we restrict access in var/log/tor to files called log*?
Cheers,
--
| .''`. ** Debian **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
