[apparmor] [Merge] ~sdeziel/apparmor-profiles/+git/apparmor-profiles:thunderbird-icedove-debian into apparmor-profiles:master

Steve Beattie sbeattie at ubuntu.com
Thu Sep 21 07:08:38 UTC 2017


Review: Approve

Thanks. I merged this as-is (and appreciate the followup commit that maintained the merged usr where appropriate). I did raise an eyebrow at 

+  # other commonly used locations
+  /{data,media,mnt,srv}/** r,
+ owner /{data,media,mnt,srv}/** rw,

in that for /srv/ I personally tend to place system service data files there, rather than user data files... but I can see that not being the case for other environments.

Also, at some point, we should try to identify if the accesses to /proc/[0-9]* are to its own pid (or likely for the thunderbird crash reporter), for different pids, and use @{pid} and @{pids} accordingly.

Thanks again!
-- 
https://code.launchpad.net/~sdeziel/apparmor-profiles/+git/apparmor-profiles/+merge/330183
Your team AppArmor Developers is subscribed to branch apparmor-profiles:master.



More information about the AppArmor mailing list