On 12/15/2015 12:55 PM, Tyler Hicks wrote:
> This patch set creates regression tests for aa-exec and rewrites aa-exec in C
> rather than Perl. The main reason behind the rewrite is that aa-exec is
> becoming a widely used utility that has its place on even the most minimal of
> Linux images and Perl is falling out of favor in some of those environments.
>
> The rewrite is feature complete with one exception. I did not implement the
> --file option of aa-exec. I feel like it encourages programs to be run as root
> since aa-exec must be run as root in order for the specified profile to be
> loaded and there's no privilege dropping option. Instead of complicating
> aa-exec with a privilege dropping option, I decided to leave it out of the new
> aa-exec. I'm open to tacking on another patch to reintroduce --file if anyone
> feels strongly about it.
>
heck no, that was a convenience thing for hacking on apparmor not something we
really want to support
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
