[apparmor] Initial thoughts on profiling with signal and ptrace

Tyler Hicks tyhicks at canonical.com
Tue Mar 25 01:20:39 UTC 2014

On 2014-03-24 19:58:58, Jamie Strandboge wrote:


> In all honesty, I was surprised that a process is not allowed to send signals to
> itself and found that it isn't allowed counter-intuitive (though I appreciate
> arguments to the contrary).

I think this discussion should be wider than just signals. Whatever we
decide here should apply to sets of processes confined under the same
profile that want to communicate with each other using pipe(),
socketpair(), kill(), etc.

IMO, having the behavior of signal mediation inside the same confinement
context be different than other forms of IPC would be confusing.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140324/c5eec039/attachment.pgp>

More information about the AppArmor mailing list