Hi Simon,
On Wed, Dec 19, 2012 at 09:25:09PM -0500, Simon Deziel wrote:
> On 12-12-19 06:44 PM, Seth Arnold wrote:
> > But I do like the rest of the patch.
>
> Good, here is v2 without the changes to abstractions/bash. I appreciate
> your review, thanks!
This all looks good to me, Acked-by: Stev
On 12-12-19 06:44 PM, Seth Arnold wrote:
> On Wed, Dec 19, 2012 at 06:30:01PM -0500, Simon Deziel wrote:
>> === modified file 'profiles/apparmor.d/abstractions/bash'
>> --- profiles/apparmor.d/abstractions/bash2012-08-06 11:56:31 +
>> +++ profiles/apparmor.d/abstractions/bash2012-12-19
On Wed, Dec 19, 2012 at 06:30:01PM -0500, Simon Deziel wrote:
> > If we don't add 'owner' to the rules, a virus or worm is more likely to be
> > able to spread outside of one user account to infect other user accounts,
> > either by actively writing to other user's data, or by allowing a program
>
On 12-12-18 07:00 PM, Seth Arnold wrote:
> On Tue, Dec 18, 2012 at 05:26:49PM -0500, Simon Deziel wrote:
>> I am wondering why some of the profile abstractions are not using the
>> owner prefix with the variable @{HOME} while many others do (and some
>> mix both)?
>
> Funny, Steve's recent patch s
On Tue, Dec 18, 2012 at 05:26:49PM -0500, Simon Deziel wrote:
> I am wondering why some of the profile abstractions are not using the
> owner prefix with the variable @{HOME} while many others do (and some
> mix both)?
Funny, Steve's recent patch set made me wonder the same thing. (If only
by shin
Hi all,
I am wondering why some of the profile abstractions are not using the
owner prefix with the variable @{HOME} while many others do (and some
mix both)?
Some stats from my Ubuntu 12.04 box:
$ grep -crE '^[[:space:]]*@{HOME}' /etc/apparmor.d/abstractions/ | grep
-v :0$
/etc/apparmor.d/abstr
