felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

doc: small update & improvements.

Browse source
This commit is contained in:
Alexandre Pujol 2025-04-27 14:28:18 +02:00
parent 2bc87f68a8
commit 475d8dc082
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
5 changed files with 42 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/development/dbus.md
View file

@ -20,6 +20,8 @@ Default **system**, **session**, and **accessibility** bus access are provided w
- `abstractions/bus-session`
- `abstractions/bus-accessibility`
Do not use the dbus abstractions from apparmor in this project, they won't work as expected as the dbus daemon is confined. Furthermore, in `apparmor.d` there is no such thing as a strict dbus abstraction (`abstractions/dbus-strict`) as they are strict by default: bus access needs to be explicitly allowed using an interface abstraction or a directive.
### Interfaces
Access to common dbus interfaces is done using the abstractions under **[`abstractions/bus/`](https://github.com/roddhjav/apparmor.d/tree/main/apparmor.d/abstractions/bus)**. They are kept minimal on purpose. The goal is not to give full talk access an interface but to provide a *read-only* like view of it. It may be required to have a look at the dbus interface documentation to check what method can be safely allowed.