[apparmor] [Merge] lp:~intrigeri/apparmor/perl-5.20-multiarch into lp:apparmor
intrigeri
intrigeri at debian.org
Wed Aug 20 08:19:31 UTC 2014
Hi,
Jamie Strandboge wrote (20 Aug 2014 02:28:08 GMT) :
> Ubuntu is going through the 5.20 perl multiarch transition and I came up with
> different rules (and more comprehensive patch).
Great! I'm happy to see my merge request superseded by a better one :)
> --- apparmor-2.8.96~2541.orig/profiles/apparmor.d/abstractions/perl
> +++ apparmor-2.8.96~2541/profiles/apparmor.d/abstractions/perl
> @@ -15,6 +15,8 @@
> /usr/lib{,32,64}/perl5/** r,
> /usr/lib{,32,64}/perl{,5}/**.so* mr,
> + /usr/lib/@{multiarch}/perl/** r,
> + /usr/lib/@{multiarch}/perl/[0-9]*/**.so* mr,
I'm curious why /usr/lib/@{multiarch}/perl5/ doesn't need to be
allowed: I see a lot of modules installed in there, that previously
were installed in /usr/lib/perl5/ (and thus accessible for reading).
Any hint to satisfy my curiosity?
(If indeed we should allow access to Perl modules in that directory,
then it seems that the rest of your patch would need updating too, but
you know that :)
Cheers,
--
intrigeri
More information about the AppArmor
mailing list