[apparmor] [profile: plugin-container] the dbus machine-id: deny or allow 'r'?

2016-02-25 Thread daniel curtis
Hello. Some time ago, I've decided to create a profile for the 'plugin-container' process to make a Firefox web browser even more secure. Everything seems to work okay. I've managed to "solve" the DENIED messages/entries from a system log files, such as e.g. '/var/log/kern.log' etc. Anyway,

Re: [apparmor] [PATCH 2/2] libapparmor: Implement aa_stack_profile and aa_stack_onexec

2016-02-25 Thread Tyler Hicks
On 2016-02-25 04:02:16, John Johansen wrote: > On 02/12/2016 04:06 PM, Tyler Hicks wrote: > > Based on the existing implementations of aa_change_profile(2) and > > aa_change_onexec(2). > > > > Signed-off-by: Tyler Hicks > > so this is fine as is and gets > > Acked-by:

Re: [apparmor] [Merge] lp:~sdeziel/apparmor-profiles/usr.bin.thunderbird-profile into lp:apparmor-profiles

2016-02-25 Thread Simon Déziel
ping? -- https://code.launchpad.net/~sdeziel/apparmor-profiles/usr.bin.thunderbird-profile/+merge/282383 Your team AppArmor Developers is requested to review the proposed merge of lp:~sdeziel/apparmor-profiles/usr.bin.thunderbird-profile into lp:apparmor-profiles. -- AppArmor mailing list

Re: [apparmor] [PATCH 2/2] libapparmor: Implement aa_stack_profile and aa_stack_onexec

2016-02-25 Thread John Johansen
On 02/12/2016 04:06 PM, Tyler Hicks wrote: > Based on the existing implementations of aa_change_profile(2) and > aa_change_onexec(2). > > Signed-off-by: Tyler Hicks so this is fine as is and gets Acked-by: John Johansen but what do you

Re: [apparmor] [PATCH 1/2] libapparmor: Create man page for aa_stack_profile()/aa_stack_onexec()

2016-02-25 Thread John Johansen
On 02/12/2016 04:06 PM, Tyler Hicks wrote: > Modeled after the aa_change_profile(2) man page, this profile defines > the libapparmor and kernel interfaces for the in-progress profile > stacking feature. > > Signed-off-by: Tyler Hicks Acked-by: John Johansen