[apparmor] Apparmor: Profile optimization
Murali Selvaraj
murali.selvaraj2003 at gmail.com
Fri Apr 16 17:48:55 UTC 2021
Hi All,
We have observed few configuration files are present in /tmp which are
needed for certain processes.
For example, few of the files are hidden files located in /tmp/.
In that case, shall we add below entry
/tmp/** rw,
or Do we need to add entries for file specific as below
/tmp/file.txt r,
/tmp/.init_complete rw,
Which would be the best way for security concern especially for
embedded devices ?
Please advise.
Thanks
Murali.S
More information about the AppArmor
mailing list