apparmor: Change hats

Description Usage Arguments Examples

Description

A hat is a subprofile which name starts with a '^'. The difference between hats and profiles is that one can escape (revert) from the hat using the token. Hence this provides more limited security than a profile.

This function changes the current R process to an AppArmor profile. Note that this generally is a one way process: most profiles explicitly prevent switching into another profile, otherwise it would defeat the purpose.

Find the apparmor mountpoint

Note that in order for this function to do its work, it needs read access to the attributes of the current process. If aa_getcon fails with a permission denied error, it might actually mean that the current process is being confined with a very restrictive profile.

This function tries to lookup the status of AppArmor in the kernel. However, some confined profiles might not have enough privileges to lookup this status. Also see aa_getcon().

Usage

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

Arguments

subprofile

character string identifying the subprofile (hat) name (without the "^")

magic_token

a number that will be the key to revert out of the hat.

profile

character string with the name of the profile.

Examples

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
## Not run: 
aa_change_profile("testprofile");
aa_getcon();
test <- read.table("/etc/group");
aa_change_hat("testhat", 13337);
aa_getcon();
test <- read.table("/etc/group");
aa_revert_hat(13337);
test <- read.table("/etc/group");

## End(Not run)
 ## Not run: 
test <- read.table("/etc/passwd");
aa_change_profile("testprofile");
aa_getcon();
test <- read.table("/etc/passwd");

## End(Not run)

jeroen/RAppArmor documentation built on May 17, 2017, 6:14 p.m.