On Thu, Aug 08, 2013 at 05:41:31PM -0700, John Johansen wrote:
> Provide userspace the ability to validate what policy is loaded via
> an exported crypto hash value.

To be clear, the hash value is of the profile blob minus the header,
which means skipping the protocol blob version and the namespace, if
any, correct? At least, that's based on my incomplete understanding
and read of the policy_unpack code this would apply against.

I guess it's okay that the same policy under multiple namespaces
results in the same hash (just trying to understand the implications
thereof).

Acked-by: Steve Beattie <[email protected]>

-- 
Steve Beattie
<[email protected]>
http://NxNW.org/~steve/

Attachment: signature.asc
Description: Digital signature

-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to