Hello,
Am Freitag, 22. August 2014 schrieb Simon Deziel:
> I've been testing those 2 profiles for a bit and feel they are ready
> to be tested by a larger audience. If any of you is interested,
> feedback/comments/pull requests(*) are welcome!
While the profile in general looks good at the first look, I somewhat
wonder about
/bin/bash Cx -> proxycommand,
profile proxycommand {
[...]
/bin/bash rm,
I slightly ;-) doubt this allows to do anything useful in the shell.
I'm afraid you'll need to allow Ux for various shells to fix that.
Please have a look at the sshd profile we ship in the extras dir
(profiles/apparmor/profiles/extras/usr.sbin.sshd in tarball and bzr)
which does exactly that.
Regards,
Christian Boltz
--
[ X-Mailer: Microsoft Outlook Express 6.00.2800.1106 ]
Damit ist deinem Kmail der Preis für die gruseligste Halloween-Maske
dieses Jahres sicher. [Andreas Koenecke zu Martin Mewes in suse-linux]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
