Attached is a example program that builds a file query string. to build gcc -o query_file query_file.c -l apparmor
to use query_file <profile_name> file1 file2 file3 ... eg. > ./query_file firefox /tmp /tmp/ read '/tmp' denied read '/tmp/' allowed ** Attachment added: "example program querying file permission access" https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1381713/+attachment/4405699/+files/query_file.c -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1381713 Title: Support policy query interface for file Status in AppArmor Linux application security framework: Triaged Status in apparmor package in Ubuntu: Fix Released Bug description: This bug tracks the work needed to support querying if a label can access a file. This is particularly useful with trusted helpers where an application requests access to a file and the trusted helper does something with it. For example, on Ubuntu when an app wants to play a music file, it (eventually) goes through the media-hub service. The media-hub service should be able to query if the app's policy has access to the file. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1381713/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
