[apparmor] Deny network bind in profile
Georg Schoenberger
g.schoenberger at xortex.com
Fri Jul 22 08:11:08 UTC 2016
Hi folks,
I am currently trying to deny a process from binding to network sockets.
Unfortunately the example from http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference does not work for me:
* deny network bind inet,
A reload fails with "invalid network entry", if I am completely denying "deny network inet" the profile reloads. I am using:
* dpkg -l | grep appar
ii apparmor 2.8.95~2430-0ubuntu5.3 amd64 User-space parser utility for AppArmor
with Ubuntu 14.04.
Any ideas?
THX Georg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160722/7c6a5bb9/attachment.html>
More information about the AppArmor
mailing list