[apparmor] How to confine querying of /proc to /proc/self?

Cameron Norman camerontnorman at gmail.com
Thu Jul 24 00:37:21 UTC 2014


I have a profile with the rule "/proc/self/** r,"; however, the
application is not allowed to access /proc/self.

Since /proc/self is a symlink, it resolves to the actual directory,
and then the process trying to query its own attributes is denied access.
How can access to only /proc/self be accomplished?

P.S. please keep me CC'd, as I am not subscribed to this ML currently.

Thank you,
--
Cameron Norman