On Sun, Jul 1, 2012 at 4:55 AM, Christian Boltz <[email protected]> wrote: > I'd vote for a directory name that is more human-readable than the sid > ;-) > > What about using the sid + a readable profile name with non-allowed > characters replaced? > Example: > 42-bin.ping # sid 42, profile for /bin/ping > > I'd replace [^a-zA-Z0-9] with dots. This will replace some characters > that are allowed in a file name, but IMHO that's better than having
I generally favor giving the human operators a fighting chance but I'm afraid that someone will try to find a mapping between these names and the names of the files in /etc/apparmor.d/. Either we should make that mapping 100% explicit and use the same names or we should be very upfront that the name attached to the sid is for _human_ inspection and use and not to be used for automated policy tools. (Though these sorts of hints are always somehow forgotten.) -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
