[apparmor] [patch] dovecout.auth profile update
Seth Arnold
seth.arnold at canonical.com
Mon Aug 11 18:04:33 UTC 2014
On Sun, Aug 10, 2014 at 08:48:15PM +0200, Christian Boltz wrote:
> Hello,
>
> dovecot/auth needs read access to /etc/dovecot/* when using plaintext
> user/password files (everybody will use a different filename for the
> user/password list - and when you allow reading the password list,
> allowing to read the config doesn't add any harm ;-)
>
> References: https://bugzilla.novell.com/show_bug.cgi?id=874094
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
>
> === modified file 'profiles/apparmor.d/usr.lib.dovecot.auth'
> --- profiles/apparmor.d/usr.lib.dovecot.auth 2014-07-07 21:35:18
> +++ profiles/apparmor.d/usr.lib.dovecot.auth 2014-08-10 18:43:08
> @@ -27,8 +27,7 @@
> /etc/my.cnf.d/ r,
> /etc/my.cnf.d/*.cnf r,
>
> - /etc/dovecot/dovecot-database.conf.ext r,
> - /etc/dovecot/dovecot-sql.conf.ext r,
> + /etc/dovecot/* r,
> /usr/lib/dovecot/auth mr,
>
> # kerberos replay cache
>
>
>
>
>
> Regards,
>
> Christian Boltz
> --
> Whoa whoa whoa that's WAY too efficient. Using tools that already exist?
> Instead of inventing a whole new system and living with bugs?
> Blaspheme. [Brian K. White in opensuse-factory]
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140811/d3508bf2/attachment.pgp>
More information about the AppArmor
mailing list