<div dir="ltr"><div><div><div><div>Respected Sir,<br><br></div>Sincere thanks for the immediate reply.<br><br></div>I will work according to your suggestions and let you know my progress.<br><br></div>Thanks & Regards<br><br></div>Harshad<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Oct 25, 2017 at 11:09 PM, Siddhesh Poyarekar <span dir="ltr"><<a href="mailto:siddhesh.poyarekar@gmail.com" target="_blank">siddhesh.poyarekar@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 25 October 2017 at 23:03, harshad wadkar <<a href="mailto:harshad.wadkar@gmail.com">harshad.wadkar@gmail.com</a>> wrote:<br>
> My information :<br>
> Name : Harshad Wadkar<br>
> Student : PhD student<br>
> Area of Interest : Browser security, Operating system security.<br>
><br>
> Sir,<br>
><br>
> I am trying to solve a problem wherein I would like to give (read, write)<br>
> access to file X, if it is accessed by only application Y and again if the<br>
> application Y is invoked by root user.<br>
><br>
> I have gone through the documentation of Apparmor, seccomp etc. But not able<br>
> to find solution to the problem I am trying to solve.<br>
><br>
> If you can suggest me a tool or api or library that will help me to solve my<br>
> problem, it will be great.<br>
<br>
</span>You could set the file ownership to root and chmod it 600. Then use<br>
selinux to patch the context of the file and the application so that<br>
the file can only be opened by that application. I don't know how to<br>
do the latter off the top of my head but there should be howtos out<br>
there for it.<br>
<span class="HOEnZb"><font color="#888888"><br>
Siddhesh<br>
--<br>
<a href="https://siddhesh.in" rel="noreferrer" target="_blank">https://siddhesh.in</a><br>
______________________________<wbr>_________________<br>
plug-mail mailing list<br>
<a href="mailto:plug-mail@plug.org.in">plug-mail@plug.org.in</a><br>
<a href="http://list.plug.org.in/listinfo/plug-mail" rel="noreferrer" target="_blank">http://list.plug.org.in/<wbr>listinfo/plug-mail</a><br>
</font></span></blockquote></div><br></div>