Review: Approve
--
https://code.launchpad.net/~elmo/apparmor-profiles/worldofgoo/+merge/86128
Your team AppArmor Developers is subscribed to branch lp:apparmor-profiles.
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/list
The proposal to merge lp:~elmo/apparmor-profiles/worldofgoo into
lp:apparmor-profiles has been updated.
Status: Needs review => Merged
For more details, see:
https://code.launchpad.net/~elmo/apparmor-profiles/worldofgoo/+merge/86128
--
https://code.launchpad.net/~elmo/apparmor-profiles/worl
@sdeziel, good point. I've added a bunch of 'owner' restrictions to the
profile in r83.
--
https://code.launchpad.net/~elmo/apparmor-profiles/worldofgoo/+merge/86128
Your team AppArmor Developers is requested to review the proposed merge of
lp:~elmo/apparmor-profiles/worldofgoo into lp:apparmor
Kees Cook writes:
>> + @{HOME}/.WorldOfGoo/** rw,
>
> is @{HOME}/.WorldOfGoo/ rw, also needed to initially create the
> directory on first-run?
Good point, fixed in r83. I've also now tested it with a fresh user to
make sure I didn't missing else.
> Hrm. I thought "m" should only be for _exec
James, I haven't tested the profile you're proposing but I was wondering if
that would be possible to restrict the access to Pulse SHM files only to owners
?
owner /run/shm/pulse-shm-* mr,
--
https://code.launchpad.net/~elmo/apparmor-profiles/worldofgoo/+merge/86128
Your team AppArmor Developer
On Sat, Dec 17, 2011 at 12:10:30AM -, James Troup wrote:
> James Troup has proposed merging lp:~elmo/apparmor-profiles/worldofgoo into
> lp:apparmor-profiles.
Yay! World of Goo!
> + @{HOME}/.WorldOfGoo/** rw,
is @{HOME}/.WorldOfGoo/ rw, also needed to initially create the directory
on firs
James Troup has proposed merging lp:~elmo/apparmor-profiles/worldofgoo into
lp:apparmor-profiles.
Requested reviews:
AppArmor Developers (apparmor-dev)
For more details, see:
https://code.launchpad.net/~elmo/apparmor-profiles/worldofgoo/+merge/86128
Add a profile for World of Goo
--
https://