Follow

ManualBox: access control for files with sensitive data (e.g. ssh key, mail logins) for Linux and Mac. Curious how it usable it would be in practice…
kushaldas.in/posts/introducing

@lunar given how much pile of "access denied" you can get when setting up AppArmor for some applications probably not so usable I'd say. Also doesn't seems to care about the parent process in that screenshot, so an attacker tool could just launch a process named gnupg or even directly ask it.

I'd rather have SSH and GnuPG files be only accessible by their software (something which I'll probably try with a global rule in AppArmor). And get a consent box in stuff like pinentry rather than either typing your passphrase all the time or never.
Sign in to participate in the conversation
mastodon.potager.org

Un Mastodon pour la communauté du potager.org.