Okay, we've been experimenting with this in the thumbnailer, and will look to roll it out in the next landing. The first branch adds code that calls GetConnectionCredentials() to determine the peer's AppArmor label, while the second one adds aa_query_label based security checks based on the label. We were already canonicalising the path name with boost::filesystem::canonical(), so should be safe for the symlink issue.
I managed to get the format of the query message wrong when integrating the code the first time, so I've attached a version of the query_file() method using std::string to build the message, which is a bit easier to understand.
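As an added example (not the attachment from the comment above and not thumbnailer code), here is how the aa_query_label() query message can be assembled with std::string and checked fail-closed. It assumes the peer label was obtained beforehand (for instance from GetConnectionCredentials, which is not shown) and that the path was already canonicalised. The constants mirror AA_QUERY_CMD_LABEL_SIZE, AA_CLASS_FILE and AA_MAY_READ from `<sys/apparmor.h>`; they are restated here so the example builds without libapparmor, and real code should use the header's macros. The strip_mode() helper and fake_query_label() stand-in are constructed for this example; in production the real aa_query_label is passed to query_file().

```cpp
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>

// Constants mirrored from <sys/apparmor.h> (assumed values so the example builds without
// libapparmor; real code includes the header and uses its macros).
constexpr std::size_t kQueryCmdLabelSize = 5;  // AA_QUERY_CMD_LABEL_SIZE: header filled in by libapparmor
constexpr char kClassFile = 2;                 // AA_CLASS_FILE
constexpr std::uint32_t kMayRead = 1u << 2;    // AA_MAY_READ

// Same signature as libapparmor's aa_query_label(). Passed in as a parameter so the message
// builder can be exercised offline; production code passes &aa_query_label.
using QueryFn = int (*)(std::uint32_t, char *, std::size_t, int *, int *);

// Peer credentials (SO_PEERSEC / D-Bus LinuxSecurityLabel) carry "label (mode)" plus a trailing
// NUL; the query wants the bare label. libapparmor's aa_splitcon() does the same job in C.
std::string strip_mode(std::string con) {
    while (!con.empty() && con.back() == '\0') con.pop_back();
    if (!con.empty() && con.back() == ')') {
        std::size_t open = con.rfind(" (");
        if (open != std::string::npos) con.erase(open);
    }
    return con;
}

// Query buffer layout: [reserved header][label]\0[AA_CLASS_FILE][path]
// The embedded NUL means the buffer must always travel with its length: never pass it to
// anything that stops at the first '\0' (c_str()/strlen()).
std::string build_file_query(const std::string &label, const std::string &path) {
    std::string q;
    q.reserve(kQueryCmdLabelSize + label.size() + 2 + path.size());
    q.append(kQueryCmdLabelSize, '\0');  // space libapparmor overwrites with its command header
    q.append(label);
    q.push_back('\0');
    q.push_back(kClassFile);
    q.append(path);
    return q;
}

// Does `label` hold every permission bit in `mask` on `path` (path already canonical)?
// A failed query is treated as a denial rather than silently allowing access.
bool query_file(QueryFn query_fn, const std::string &label, const std::string &path,
                std::uint32_t mask) {
    std::string q = build_file_query(label, path);
    int allowed = 0, audited = 0;
    if (query_fn(mask, &q[0], q.size(), &allowed, &audited) != 0) {
        return false;  // errno describes the failure; fail closed
    }
    return allowed != 0;
}

// Constructed offline stand-in for aa_query_label(): it decodes the buffer exactly as laid out
// above and grants read-only access under /home/<label>/, denying everything else. This is not
// the kernel's policy logic; it exists only so the format can be demonstrated without AppArmor.
int fake_query_label(std::uint32_t mask, char *query, std::size_t size, int *allowed, int *audited) {
    if (size <= kQueryCmdLabelSize) { errno = EINVAL; return -1; }
    const char *label = query + kQueryCmdLabelSize;
    const char *end = query + size;
    const char *nul = static_cast<const char *>(std::memchr(label, '\0', end - label));
    if (nul == nullptr || nul + 1 >= end || nul[1] != kClassFile) { errno = EINVAL; return -1; }
    std::string lbl(label, nul);
    std::string path(nul + 2, end);
    std::string prefix = "/home/" + lbl + "/";
    *audited = 0;
    *allowed = (mask == kMayRead && path.compare(0, prefix.size(), prefix) == 0) ? 1 : 0;
    return 0;
}

int main() {
    // Constructed peer credential string, as SO_PEERSEC would hand it over (with trailing NUL).
    std::string peer = strip_mode(std::string("photo-app (enforce)\0", 20));
    bool ok = query_file(fake_query_label, peer, "/home/photo-app/pic.jpg", kMayRead);
    bool other = query_file(fake_query_label, peer, "/etc/shadow", kMayRead);
    std::printf("label=%s allowed=%d denied=%d\n", peer.c_str(), ok, !other);
    return 0;
}
```

The two points that most often go wrong are both visible in build_file_query(): the reserved header bytes at the front, and the NUL separator between label and class byte, which makes the buffer length (q.size()) rather than strlen() the value to pass as `size`.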