[apparmor] dbus/pair address rule encoding (grouping via parens)
Steve Beattie
steve at nxnw.org
Fri May 10 17:28:53 UTC 2013
On Fri, May 10, 2013 at 12:27:44AM -0700, John Johansen wrote:
> On 05/09/2013 05:06 PM, Steve Beattie wrote:
> > Alternatively, you could use some grouping, a la:
> >
> > profile SubjectA {
> >
> > dbus bus=session name=SubjectA.service acquire,
> > dbus bus=session name=SubjectA.service method=service.method receive,
> > dbus bus=session peer(name=a.peer.address) send,
> > dbus bus=accessibility name=this.subjects.other.service acquire,
> > dbus bus=accessibility name=this.subjects.other.service peer(name=another.peer.address) receive,
> > net tcp addr=192.168.0.1 peer(addr=10.1.0.0/24 port=443) send
> > net tcp addr=192.168.0.1 peer(port=80) send
> > }
> >
> I am okay with grouping, though I need to ponder the syntax more. What you
> have is a little different than we have traditionally used for ( )
To be fair, I spent all of about 12 seconds thinking about which
character to use for grouping as I needed to send my email out before
stepping away from the keyboard. I don't feel strongly about which
characters are used for grouping.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130510/21e2a8e7/attachment.pgp>
More information about the AppArmor
mailing list