[PLUG] Help Needed

Siddhesh Poyarekar siddhesh.poyarekar at gmail.com
Wed Oct 25 23:09:16 IST 2017


On 25 October 2017 at 23:03, harshad wadkar <harshad.wadkar at gmail.com> wrote:
> My information :
> Name : Harshad Wadkar
> Student : PhD student
> Area of Interest : Browser security, Operating system security.
>
> Sir,
>
> I am trying to solve a problem wherein I would like to give (read, write)
> access to file X, if it is accessed by only application Y and again if the
> application Y is invoked by root user.
>
> I have gone through the documentation of Apparmor, seccomp etc. But not able
> to find solution to the problem I am trying to solve.
>
> If you can suggest me a tool or api or library that will help me to solve my
> problem, it will be great.

You could set the file ownership to root and chmod it 600.  Then use
selinux to patch the context of the file and the application so that
the file can only be opened by that application.  I don't know how to
do the latter off the top of my head but there should be howtos out
there for it.

Siddhesh
-- 
https://siddhesh.in


More information about the plug-mail mailing list