[apparmor] audit and quiet rules
Steve Beattie
steve at nxnw.org
Fri Jan 14 22:18:33 UTC 2011
[Resurrecting an old thread]
On Wed, Dec 15, 2010 at 11:29:15PM -0800, John Johansen wrote:
> On 12/15/2010 04:36 PM, Seth Arnold wrote:
> > I immediately prefer audit_rules and quiet_rules versus our existing system. :)
>
> oh and I'm not very found of the keywords but audit seems to be taken, so suggestions
> are more than welcome.
would something like:
audit {
/** r,
}
deny {
/etc/* w,
}
be more palatable.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110114/bfc16acf/attachment.pgp>
More information about the AppArmor
mailing list