[apparmor] Query about AppArmor's Profile Transitions
Seth Arnold
seth.arnold at canonical.com
Tue Oct 1 18:17:43 UTC 2019
On Tue, Oct 01, 2019 at 05:25:21PM +0000, Abhishek Vijeev wrote:
> Currently, AppArmor allows 'pix' and 'cix' transitions. However, we would like to extend AppArmor to
> allow a 'pcix' transition. To clarify what we mean by 'pcix', we're looking for a way by which we
> can specify the following policy: 'look for a specific profile, but if one doesn't exist, look for a
> child profile, otherwise inherit the current profile'. Are there any challenges to implementing
> this? Also, is this a feature that is planned for release in future versions of AppArmor?
I do have to wonder if whatever you're trying to solve would be better
handled via stacking profiles instead.
What are you trying to achieve?
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20191001/4c3425d3/attachment.sig>
More information about the AppArmor
mailing list