Re: [apparmor] [PATCH] aa-easyprof updates

2013-07-03 Thread Seth Arnold
On Mon, Jul 01, 2013 at 05:15:07PM -0500, Jamie Strandboge wrote: > Attached is a patch for aa-easyprof that adds significant functionality over > what is currently in trunk. I could try to break these out in discrete chunks, I've got one comment from what I've read so far.. more to follow. Thank

Re: [apparmor] IPC syntax - again

2013-07-03 Thread Seth Arnold
On Wed, Jul 03, 2013 at 01:06:50PM -0700, Casey Schaufler wrote: > > What can we mediate with purely LSM hooks? > > > > - bind subject protocol > > - bind subject address > > - bind subject port > > - bind subject interface > > - listen > > - listen queue length > > - accept > > - connect subject p

Re: [apparmor] IPC syntax - again

2013-07-03 Thread John Johansen
On 07/03/2013 01:06 PM, Casey Schaufler wrote: > On 7/2/2013 11:43 PM, Seth Arnold wrote: >> I wrote a long detailed response to your questions but realized after a >> while that I was relying on some pretty huge assumptions on how the LSM >> networking hooks interact with the secmark hooks. >> >>

Re: [apparmor] IPC syntax - again

2013-07-03 Thread Casey Schaufler
On 7/2/2013 11:43 PM, Seth Arnold wrote: > I wrote a long detailed response to your questions but realized after a > while that I was relying on some pretty huge assumptions on how the LSM > networking hooks interact with the secmark hooks. > > So, rather than send a long email based on probably in

Re: [apparmor] IPC syntax - again

2013-07-03 Thread John Johansen
On 07/03/2013 12:40 AM, John Johansen wrote: > On 07/02/2013 11:45 PM, Steve Beattie wrote: >> I'm coming into this thread a bit late, so my apologies if I'm being >> truly dense here. >> >> On Mon, Jul 01, 2013 at 09:08:23PM -0700, John Johansen wrote: >>> On 07/01/2013 05:35 PM, Tyler Hicks wrote

[apparmor] [GSoC 2013-apparmor] Week 2 Summary and Progress Report

2013-07-03 Thread Kshitij Gupta
Hello, I had a busy week and missed out on my weekly report. The detailed progress report can be read in the following post: http://kshitijblogs.blogspot.com/2013/07/week-2.html Looking forward to fun weeks coding. Regards, Kshitij Gupta

Re: [apparmor] IPC syntax - again

2013-07-03 Thread John Johansen
On 07/03/2013 01:15 AM, John Johansen wrote: > On 07/02/2013 11:43 PM, Seth Arnold wrote: >> I wrote a long detailed response to your questions but realized after a >> while that I was relying on some pretty huge assumptions on how the LSM >> networking hooks interact with the secmark hooks. >> >>

Re: [apparmor] Retrofitting & access-control impedance mismatch for MinorFs

2013-07-03 Thread John Johansen
On 07/03/2013 01:10 AM, Rob Meijer wrote: > On Wed, July 3, 2013 09:04, John Johansen wrote: >> On 06/25/2013 04:27 AM, Rob Meijer wrote: >>> Basically I think there would be 3 distinct possibilities: >>> >>> 1) The default policy you describe helps to keep any non-special process >>> from doing a

Re: [apparmor] Problem with audit rule modifier

2013-07-03 Thread John Johansen
On 07/03/2013 12:42 AM, azurIt wrote: >> Hi, >> >> I'm having problems with audit rule modifier - it's just not >> working when used alone. I'm trying to enable only logging with >> this: >> audit /home/** a, >> a

Re: [apparmor] IPC syntax - again

2013-07-03 Thread John Johansen
On 07/02/2013 11:43 PM, Seth Arnold wrote: > I wrote a long detailed response to your questions but realized after a > while that I was relying on some pretty huge assumptions on how the LSM > networking hooks interact with the secmark hooks. > > So, rather than send a long email based on probably

Re: [apparmor] Retrofitting & access-control impedance mismatch for MinorFs

2013-07-03 Thread Rob Meijer
On Wed, July 3, 2013 09:04, John Johansen wrote: > On 06/25/2013 04:27 AM, Rob Meijer wrote: >> Basically I think there would be 3 distinct possibilities: >> >> 1) The default policy you describe helps to keep any non-special process >> from doing a readlink on @{PROC}/@{OTHERPID}/fd/*. This would

Re: [apparmor] Problem with audit rule modifier

2013-07-03 Thread azurIt
> Hi, > > I'm having problems with audit rule modifier - it's just not > working when used alone. I'm trying to enable only logging with > this: > audit /home/** a, > audit /home/** w, By only logging

Re: [apparmor] IPC syntax - again

2013-07-03 Thread John Johansen
On 07/02/2013 11:45 PM, Steve Beattie wrote: > I'm coming into this thread a bit late, so my apologies if I'm being > truly dense here. > > On Mon, Jul 01, 2013 at 09:08:23PM -0700, John Johansen wrote: >> On 07/01/2013 05:35 PM, Tyler Hicks wrote: >>> What about only allowing a single permission

Re: [apparmor] Retrofitting & access-control impedance mismatch for MinorFs

2013-07-03 Thread John Johansen
On 06/25/2013 04:27 AM, Rob Meijer wrote: > On Tue, June 25, 2013 11:35, John Johansen wrote: >> On 06/24/2013 09:31 PM, Rob Meijer wrote: >>> On Mon, June 24, 2013 22:22, John Johansen wrote: On 06/24/2013 12:16 AM, Rob Meijer wrote: > .. >>> That's amazing news. Could the above blocking of a