Proposal to remove PCRE support
John Johansen
john.johansen at canonical.com
Wed Jun 16 17:01:54 BST 2010
On 06/16/2010 08:36 AM, Steve Beattie wrote:
> On Wed, Jun 16, 2010 at 01:06:27AM -0700, John Johansen wrote:
>> I would like to propose that we remove support for PCRE based policy
>> from the parser/policy loader.
>>
>> The last version of AppArmor to use PCRE based policy was AppArmor 2.0.1,
>> which was approximately 3 years ago. The PCRE part of the code has not
>> been actively maintain and I doubt that it has been tested in the last
>> 1.5 years. Dropping PCRE support will also help in the efforts to
>> cleanup the parsers code base.
>
> Agreed, at this point it seems to me to be just cruft. The only utility
> that I could have seen in keeping is to have it available for upgrades,
> where the parser gets upgraded (and policy re-applied) before the kernel
> gets rebooted.
>
Right, but as I said it has been years the last suse kernel to support
this was SLES10SP1, SP2 actually uses the dfa, and for Ubuntu it was
gutsy?, Hardy is using the dfa so I don't believe that its worth holding
on to for even the upgrade cycle anymore.
More information about the AppArmor
mailing list