On Thu, Apr 12, 2007 at 11:21:01AM +0100, Alan Cox wrote:
+
+ /**
+* parent can ptrace child when
+* - parent is unconfined
+* - parent is in complain mode
+* - parent and child are confined by the same profile
+*/
Your profiles are name based. That means the
Module parameters, LSM hooks, initialization and teardown.
Signed-off-by: John Johansen [EMAIL PROTECTED]
Signed-off-by: Andreas Gruenbacher [EMAIL PROTECTED]
---
security/apparmor/lsm.c | 829
1 file changed, 829 insertions(+)
--- /dev/null
+
+ /**
+ * parent can ptrace child when
+ * - parent is unconfined
+ * - parent is in complain mode
+ * - parent and child are confined by the same profile
+ */
Your profiles are name based. That means the same profile in a different
namespace does different
