[apparmor] [PATCH] apparmor: enable raw text policy
Seth Arnold
seth.arnold at canonical.com
Tue Jul 27 23:45:19 UTC 2021
On Tue, Jul 27, 2021 at 06:51:34PM -0300, Georgia Garcia wrote:
> + if (aa_g_raw_text) {
> + dent = aafs_create_file("raw_text", S_IFREG | 0444, dir,
> + rawdata, &rawtext_fops);
Cool :) The only thing that stood out to me is the permission: some people
like to store their policy in /etc/apparmor.d/ with restrictive modes for
whatever reason, and this may be more open than they'd like. 0400 might be
a better fit for some.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20210727/c26083a0/attachment.sig>
More information about the AppArmor
mailing list