[apparmor] [PATCH] local site-specific changes
Kees Cook
kees at ubuntu.com
Fri Aug 13 15:19:25 BST 2010
On Fri, Aug 13, 2010 at 05:54:57AM -0700, Steve Beattie wrote:
> Alas, all this doesn't lead to the usability improvements you might
> think it does, as on reload, the parser doesn't detect that the local/
> files have changed, the cached blob is reloaded, and whatever policy
> issue the admin is trying to address remains unaddressed in the
> policies currently loaded into the kernel.
>
> I've filed LP: #617375 about the issue.
You've verified this? "reload" should throw away the cache unconditionally.
If that's not happening, it's a regression in the init script. (It does
this because the same problem exists for abstractions, etc)
--
Kees Cook
Ubuntu Security Team
More information about the AppArmor
mailing list