Hello Mr Johansen,

Thank you very much for an exhaustive answer. Now I understand this issue better. However, you wrote:

>> Unfortunately these policy rules are not compatible with
>> the version of apparmor in 12.04, unless you update 12.04
>> to a new apparmor userspace that can support them (...)

I'm using the 16.04 LTS release, since 12.04 LTS has EoL status. Unless we are talking about the Extended Security Maintenance, offered by Canonical as ongoing security patches and bug fixes for the kernel and the most essential user space packages in Ubuntu 12.04 etc. But it's a private archive exclusively available to Ubuntu Advantage customers. So, not in my case.

>> yep, this is what you need. Though I will note you might want
>> something a little different due to the reason for many of
>> these ptrace permission requests.

So, according to all of the above and your answer, could/should I use these two rules together in the netstat(8) profile? I mean, of course, these rules:

    deny capability sys_ptrace,
    deny ptrace,

I'm sorry for such a naive question, but you wrote something interesting:

"Denying all these requests can result in the netstat tool not functioning correctly as it can not gather all the information it needs. I would do some comparisons of its output for your use cases (...)"

I agree with you, but now I have some doubts whether I can use these two rules mentioned earlier. Could you answer simply: yes or no?

Thanks, best regards.
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor