[apparmor] [patch] utils: add CAP_AUDIT_READ to severity.db
Steve Beattie
steve at nxnw.org
Mon Jul 21 22:28:36 UTC 2014
This patch adds the new capability CAP_AUDIT_READ, added in the 3.16
kernel, to the utils severity.db. I set the severity level at 7,
since it seemed to offer less exposure than CAP_AUDIT_CONTROL and
CAP_AUDIT_WRITE, which are both considered severity 8.
This patch is both for trunk and the 2.8 branch.
Signed-off-by: Steve Beattie <steve at nxnw.org>
---
utils/severity.db | 1 +
1 file changed, 1 insertion(+)
Index: b/utils/severity.db
===================================================================
--- a/utils/severity.db
+++ b/utils/severity.db
@@ -47,6 +47,7 @@
CAP_WAKE_ALARM 8
CAP_BLOCK_SUSPEND 8
CAP_DAC_READ_SEARCH 7
+ CAP_AUDIT_READ 7
# unused
CAP_NET_BROADCAST 0
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140721/8d840471/attachment.pgp>
More information about the AppArmor
mailing list