[apparmor] PUx permissions?
John Johansen
john.johansen at canonical.com
Mon Apr 18 22:26:00 UTC 2011
On 04/18/2011 01:08 PM, Christian Boltz wrote:
> Hello,
>
> I just found this in the commit notification for Rev 1714:
>
> Am Montag, 18. April 2011 schrieb noreply at launchpad.net:
>> + /usr/bin/digikam PUxr,
>> + /usr/bin/f-spot PUxr,
>
> I was aware of Pix, but not of PUx.
Same type of thing as pix,
Use the profile and if it doesn't exist use unconfined
> Which version of AppArmor is the first that supports PUx?
> (2.5.1 in openSUSE 11.4 seems to support it...)
>
2.4 actually
> Is pux also allowed? What about Pux and pUx? ;-)
>
Currently the P and U share the unsafe flag so technically it
would be
PUx and pux
but I the Parser will take Pux, and pUx and in those cases it
is the P that determines whether the environment variables are
scrubbed.
> Regarding apparmor.vim: I'll classify PUx like Ux color-wise because
> worst case (no profile exists) means Ux behaviour.
>
yes please.
thanks Christian
More information about the AppArmor
mailing list