[apparmor] How to prevent a file being loaded with executable permission?

Simon McVittie simon.mcvittie at collabora.co.uk
Mon Mar 6 11:47:37 UTC 2017

On Mon, 06 Mar 2017 at 16:03:50 +0800, Aphyr Lee wrote:
> The use scenario is that I would like to prevent execution from the
> writable directory, /tmp.

Have you tried mounting /tmp noexec? AppArmor is not the right hammer
for every nail.


More information about the AppArmor mailing list