permissions update, minor fixes, talks

jamesbjohnson

Permissions update:

AppCL LSM grants permissions in the format of ‘read’, ‘write’ and ‘execute’ permissions. This is done based on a path-based application identifier. A limitation of previous versions is that only one permission could be granted per application in the format below:

/path/to/app:perm;
/bin/nano:r;

To grant multiple permissions, an additional entry was required, in the format below:

/path/to/app:perm;/path/to/app:perm;
/bin/nano:r;/bin/nano:w;

The latest update has removed the need for multiple entries by allowing multiple permissions to be specified for each application path. This is in the format below:

/path/to/app:perms;
/bin/nano:rw;

Other minor updates:

 – The appcl.py userspace tool has been updated to allow multiple permission values to be specified in the attribute build mode.

 – Definitions in the ‘audit.h’ header file have been moved to the ‘appcl_lsm.h’ header file removing the need for this file.

Talks:

The project website now has a page detailing the talks that I have presented on AppCL LSM. The slides from the presentations are available as PDF’s, and when the videos from the talks are released, I will make them available at the link below.

AppCL LSM Talks/Videos

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s