rity-mod...@vger.kernel.org
Reviewed-By: Seth Arnold
Thanks
> ---
> security/apparmor/include/file.h |2 +-
> security/apparmor/path.c |2 +-
> security/apparmor/policy_unpack.c |2 +-
> 3 files changed, 3 insertions(+), 3 deletions(-)
>
> ---
On Sun, Jul 19, 2020 at 11:08:35AM -0700, Randy Dunlap wrote:
> Delete the doubled word "then" in a comment.
>
> Signed-off-by: Randy Dunlap
> Cc: John Johansen
> Cc: appar...@lists.ubuntu.com
Reviewed-by: Seth Arnold
Thanks
> ---
> security/apparmor/inc
that are not modified
> in the temporary structure, but they never warn about this.
>
> In case of apparmor, it seems better to be a little safer and always
> initialize the aa_perms structure. Most users already do that, this
> changes the remaining ones, including the one
On Fri, Jun 15, 2007 at 04:49:25PM -0700, Greg KH wrote:
> > We have built a label-based AA prototype. It fails because there is no
> > reasonable way to address the tree renaming problem.
>
> How does inotify not work here? You are notified that the tree is
> moved, your daemon goes through and
On Sat, Jun 16, 2007 at 01:39:14AM +0200, Pavel Machek wrote:
> > Pavel, please focus on the current AppArmor implementation. You're
> > remembering a flaw with a previous version of AppArmor. The pathnames
> > constructed with the current version of AppArmor are consistent and
> > correct.
>
> Ok
On Fri, Jun 15, 2007 at 10:06:23PM +0200, Pavel Machek wrote:
> Yes, you may get some -EPERM during the tree move, but AA has that
> problem already, see that "when madly moving trees we sometimes
> construct path file never ever had".
Pavel, please focus on the current AppArmor implementation. Yo
On Wed, Mar 14, 2007 at 07:25:26AM -0400, Mimi Zohar wrote:
> It's a little bit of both. :-) Initially it was written to help me with
:)
> implementing and testing the integrity provider. But it could definitely
> stand
> on it's own. As Serge Hallyn commented http://lkml.org/lkml/2007/3/13/2
On Thu, Mar 08, 2007 at 05:58:16PM -0500, Mimi Zohar wrote:
> This is a request for comments for a new Integrity Based Access
> Control(IBAC) LSM module which bases access control decisions
> on the new integrity framework services.
Thanks Mimi, nice to see an example of how the integrity framewo
On Fri, Dec 08, 2006 at 01:36:57PM -0600, Serge E. Hallyn wrote:
> The other is that root can lose capabilities by executing files with
> only some capabilities set. The next two patches change these
> behaviors.
I saw this in my code review and thought that this behaviour was
intentional. :) It
Greetings! :)
I was presented with the following error when attempting to compile
kernel 2.4.2 and 2.4.1:
[...]
nm vmlinux | grep -v '\(compiled\)\|\(\.o$\)\|\( [aUw]
\)\|\(\.\.ng$\)\|\(LASH[RL]DI\)' | sort > System.map
make[2]: Entering directory `/home/sarnold/Local/Linux.2.4.1/arch/i386/boot
10 matches
Mail list logo
