[apparmor] [PATCH 00/11] Tweak change_profile rule syntax to include an exec mode
Tyler Hicks
tyhicks at canonical.com
Wed May 25 20:59:32 UTC 2016
The purpose of this patch set is to modify the change_profile rule syntax to
allow the policy author to specify if AT_SECURE in the kernel's auxiliary
vector should be set (see the getauxval man page for details). The AT_SECURE
value determines if libc will scrub the newly executed program's environment.
See the following bug for more details:
https://launchpad.net/bugs/1584069
Tyler
More information about the AppArmor
mailing list