This patch adds the new capability CAP_AUDIT_READ, added in the 3.16 kernel, to the utils severity.db. I set the severity level at 7, since it seemed to offer less exposure than CAP_AUDIT_CONTROL and CAP_AUDIT_WRITE, which are both considered severity 8.
This patch is both for trunk and the 2.8 branch. Signed-off-by: Steve Beattie <st...@nxnw.org> --- utils/severity.db | 1 + 1 file changed, 1 insertion(+) Index: b/utils/severity.db =================================================================== --- a/utils/severity.db +++ b/utils/severity.db @@ -47,6 +47,7 @@ CAP_WAKE_ALARM 8 CAP_BLOCK_SUSPEND 8 CAP_DAC_READ_SEARCH 7 + CAP_AUDIT_READ 7 # unused CAP_NET_BROADCAST 0 -- Steve Beattie <sbeat...@ubuntu.com> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor