Hello, Am Sonntag, 27. Januar 2019, 15:01:40 CET schrieb intrigeri: > John Johansen: > > Policy can be adjusted to include trap profiles that will attach > > to binaries executed out of these directories. The trap profile > > can grant limited to no permissions. > > [...] > > short term: confine users & a trap profile(s) on the /etc/cups dir > > I was not able to find any reference to the "trap profile" idea > in our documentation. Could you please point me in the right > direction? Thanks in advance!
My guess is that John meant something like that: /etc/cups/** Cx -> trap, profile trap { # intentionally left empty } Regards, Christian Boltz -- Seriously? If you accused me of verbally abusing the _feature_ (or rather its implementation), I would understand. But I'm not aware of verbally abusing _people_ (or at least not here, but I hope you don't really have a microphone near my desk). [Michal Kubecek in opensuse-factory]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor