Thanks you two for the helpful info, that does indeed make a lot of
sense!
~ J
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
On 8/8/20 2:14 AM, Mikhail Morfikov wrote:
> On 07/08/2020 22.12, Christian Boltz wrote:
>>
>> They get added up - so in your example, you'll get rw.
>>
>> As another example,
>>
>> /foo rwl,
>> /foo wk,
>>
>> will effectively give you /foo rwlk,
>>
>
> I have a question -- what would be in
On 07/08/2020 22.12, Christian Boltz wrote:
>
> They get added up - so in your example, you'll get rw.
>
> As another example,
>
> /foo rwl,
> /foo wk,
>
> will effectively give you /foo rwlk,
>
I have a question -- what would be in this case?
owner /foo rwl,
/foo wk,
On 8/7/20 1:12 PM, Christian Boltz wrote:
> Hello,
>
> Am Freitag, 7. August 2020, 19:07:41 CEST schrieb Jonas Große Sundrup:
>> I have one question left, when we're at it: If I do have conflicting
>> directives, such as
>>
>> /my/directory r,
>> /my/directory rw,
>>
>> which one takes
Hello,
Am Freitag, 7. August 2020, 19:07:41 CEST schrieb Jonas Große Sundrup:
> I have one question left, when we're at it: If I do have conflicting
> directives, such as
>
> /my/directory r,
> /my/directory rw,
>
> which one takes precedence? the first, the last, the stricter or the
>
Hi,
On 2020-08-06, John Johansen wrote:
> apparmor is default deny
I wasn't aware of that part, probably didn't read that part of the
documentation well enough to remember in that moment and during my
testing this likely didn't work because down the tree of included
abstractions
On 2020-08-06,
On 8/6/20 2:05 AM, Jonas Große Sundrup wrote:
> Hi,
>
> I'm currently playing around with AppArmor to confine some of my daily
> software a bit, and it looks pretty promising.
>
> However, there is one thing I'd like to achieve but haven't so far:
>
> I would like to generally disallow acces to
Hello,
Am Donnerstag, 6. August 2020 schrieb Jonas Große Sundrup:
> I would like to generally disallow acces to the owner's
> home-directory, but then selectively allow certain paths in it, for
> example firefox may rmwx ~/.mozilla and subfiles/folders and write
> things into my downloads-folder,
Hi,
I'm currently playing around with AppArmor to confine some of my daily
software a bit, and it looks pretty promising.
However, there is one thing I'd like to achieve but haven't so far:
I would like to generally disallow acces to the owner's home-directory,
but then selectively allow
