Re: [apparmor] [Patch 0/4] add new security hooks to apparmor

On Tuesday 05 of November 2013, John Johansen wrote: This is a first pass at adding some of the missing security_path hooks apparmor needs. Any progress on these? Allowing traversal of entire directory tree by kind of bypassing apparmor rules isn't nice :/ -- Arkadiusz Miśkiewicz, arekm /

Re: [apparmor] Initial thoughts on profiling with signal and ptrace

On 03/24/2014 11:05 PM, John Johansen wrote: On 03/24/2014 08:46 PM, Jamie Strandboge wrote: On 03/24/2014 08:40 PM, John Johansen wrote: On 03/24/2014 05:58 PM, Jamie Strandboge wrote: snip 3 is easy. We preseed the variable substitution routine with a hard coded check that returns

Re: [apparmor] [PATCH] profiles/Makefile: grep: use [[:space:]] instead of \s

On Tue, Mar 25, 2014 at 05:21:34PM +, Alban Crequy wrote: \s is a new feature of GNU grep 2.6 (released on 2010-03-23) and it does not work in older versions. By using [[:space:]] instead, AppArmor can compile on systems with older versions of grep. AppArmor's use of \s was introduced by

[apparmor] [patch] parser tests: abort valgrind test if valgrind is missing

The valgrind test script would happily chug along even if if valgrind was not installed, not doing anything of use. This patch fixes that, and offers up the ability to specify an alternate location for valgrind if it does not exist in the usual /usr/bin location. Signed-off-by: Steve Beattie

[apparmor] [patch] utils: don't install two copies of aa-easyprof

With the conversion of the python utils, aa-easyprof got added to the list of tools to be installed (in /usr/sbin/), but is already installed (in /usr/bin) by the python-tools-setup.py distutils script, leaving two copies of the tool in place. This patch filters out aa-easyprof from the list of

Re: [apparmor] [patch] parser tests: abort valgrind test if valgrind is missing

On Tue, Mar 25, 2014 at 02:14:36PM -0700, Steve Beattie wrote: The valgrind test script would happily chug along even if if valgrind was not installed, not doing anything of use. This patch fixes that, and offers up the ability to specify an alternate location for valgrind if it does not exist

Re: [apparmor] [PATCH] Entirely rework the Pidgin profile.

On 03/10/2014 08:34 AM, intrig...@debian.org wrote: From: intrigeri intrig...@boum.org Thanks a lot to Simon Deziel simon.dez...@gmail.com for working on this with me. So this is looking pretty good to me, I have even installed it and fired up pidgin on trusty I got rejects for [

Re: [apparmor] [patch] utils: don't install two copies of aa-easyprof

On Tue, Mar 25, 2014 at 02:19:03PM -0700, Steve Beattie wrote: With the conversion of the python utils, aa-easyprof got added to the list of tools to be installed (in /usr/sbin/), but is already installed (in /usr/bin) by the python-tools-setup.py distutils script, leaving two copies of the

Re: [apparmor] [PATCH] Entirely rework the Pidgin profile.

Hi John, On 14-03-25 05:43 PM, John Johansen wrote: On 03/10/2014 08:34 AM, intrig...@debian.org wrote: From: intrigeri intrig...@boum.org Thanks a lot to Simon Deziel simon.dez...@gmail.com for working on this with me. So this is looking pretty good to me, I have even installed it and

Re: [apparmor] [PATCH] Entirely rework the Pidgin profile.

On 03/25/2014 02:52 PM, Simon Deziel wrote: Hi John, On 14-03-25 05:43 PM, John Johansen wrote: On 03/10/2014 08:34 AM, intrig...@debian.org wrote: From: intrigeri intrig...@boum.org Thanks a lot to Simon Deziel simon.dez...@gmail.com for working on this with me. So this is looking