[apparmor] Profile variable for the PID of the confined process?

[Simon Deziel]

On 03/19/2015 05:47 AM, intrigeri wrote:
> lots of our profiles give access to things like
> @{PROC}/@{pid}/[something], which in my understanding:
> 
>  1. is unnecessarily wide open most of the time: the process often
>     only needs to gather information about itself, not about any other
>     process, right?

Maybe "owner" could help with that?

Regards,
Simon