Hello,
I'm trying to find a way to restrict network access to local subnet for
some programs. I've found that in AppArmor documentation there is a mention
of such a possibility (
http://wiki.apparmor.net/index.php/ProfileLanguage#Network_rules) - ipv4
address expressions and address masks, but I
On Tue, Nov 05, 2013 at 05:34:58AM -0800, John Johansen wrote:
Signed-off-by: John Johansen john.johan...@canonical.com
Both nfs_permission() and fuse_permission() use MAY_CHDIR without an
obvious security hook nearby. (The chroot() syscall does have a nearby
security_path_chroot() call.) Should
On Tue, Nov 05, 2013 at 05:34:59AM -0800, John Johansen wrote:
Signed-off-by: John Johansen john.johan...@canonical.com
Acked-by: Seth Arnold seth.arn...@canonical.com
Thanks
---
security/apparmor/audit.c | 1 +
security/apparmor/include/audit.h | 1 +
security/apparmor/lsm.c
On Tue, Nov 05, 2013 at 05:35:01AM -0800, John Johansen wrote:
Signed-off-by: John Johansen john.johan...@canonical.com
Acked-by: Seth Arnold seth.arn...@canonical.com
---
security/apparmor/audit.c | 1 +
security/apparmor/include/audit.h | 1 +
security/apparmor/lsm.c
On Thu, Nov 28, 2013 at 12:03:06PM +0400, Vladimir Kozlov wrote:
I'm trying to find a way to restrict network access to local subnet for
some programs. I've found that in AppArmor documentation there is a mention
of such a possibility (
Hello,
Am Donnerstag, 28. November 2013 schrieb Seth Arnold:
On Tue, Nov 05, 2013 at 05:34:58AM -0800, John Johansen wrote:
diff --git a/fs/open.c b/fs/open.c
index d420331..9505fc5 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -387,6 +387,10 @@ retry:
if (error)
goto
On 11/28/2013 10:32 AM, Christian Boltz wrote:
Hello,
Am Donnerstag, 28. November 2013 schrieb Seth Arnold:
On Tue, Nov 05, 2013 at 05:34:58AM -0800, John Johansen wrote:
diff --git a/fs/open.c b/fs/open.c
index d420331..9505fc5 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -387,6 +387,10 @@