Hello, I just had a short look at the UDS schedule - and basically it looks like the whole security track is about AppArmor ;-)
I'm not sure if I have time to listen to the livestreams, therefore let me send some questions and notes in advance: Most important question: will there be audio recordings available for later download? (IIRC this didn't happen in the last years.) Technical: please hand around the microphone (instead of just sitting around it) - otherwise the livestream is not lough enough and, when made louder, comes with lots of background noise. About the "Application Confinement (Content Access Helper)" session: At the risk of proposing something that you already came up with: ;-) I'd propose to use a standalone binary that can be used by any application (Px'ed or Ux'ed) for file - open and file - save as. This binary should then copy the file to a temporary location (or use a socket?) and hand it over to the calling application. This solution would cover the most interesting[tm] usecases like confining web browsers or acroread. Applications offering file - save (as in: save again, with the same name) might be a bit trickier, and applications allowing to specify a file to open at the commandline ("gimp foo.xcf") as well. The problem is to make sure the user is aware that those files will be opened/written - OTOH displaying a confirmation dialog each time would work, but it would also be annoying. There seems to be a xdg-file-dialog according to google, but I can't find it in the openSUSE repos. Nevertheless, it might be a good place where this feature could be implemented. Oh, and if you implement this, please push it upstream for all applications - I'd love to have this feature in openSUSE too ;-) And a final question that is somewhat unrelated: I remember that using etckeeper was discussed at the last(?) UDS. Did this happen in the meantime? If yes, how good does it work? Regards, Christian Boltz -- Linux just isn't user-friendly when it comes to viruses. You have to work to find and run them. It doesn't happen automatically as it does with Windows. The GNU/Linux folks really should improve this glaring discrepancy. [http://os.newsforge.com/article.pl?sid=05/01/25/1430222&from=rss] -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor