On 05/09/2013 04:12 PM, Jamie Strandboge wrote:
> Since <access> *always* applies to <subject>, maybe it makes sense to
> have it be next to it. Ie:
>
> dbus [<subject>] <access> [<peer>],
>
> such that:
>
> profile subject {
> dbus name=well.known.address acquire,
> dbus name=well.known.address receive,
> dbus send -> name=a.peer.address,
> dbus receive -> name=a.peer.address,
>
> # get as specific as you like:
> dbus name=... interface=... (send, receive) -> name=... path=...,
>
FYI, I'm not totally happy with '->' as the delimiter here since it
still implies direction. Some ideas:
dbus send -> name=a.peer.address, # nice with send
dbus receive -> name=a.peer.address, # weird with receive
dbus send <> name=a.peer.address, # looks weird
dbus send -- name=a.peer.address, # clear, looks 'ok'
dbus receive -- name=a.peer.address, # clear, looks 'ok'
dbus send @ name=a.peer.address, # maybe confusing with vars
dbus receive @ name=a.peer.address, # maybe confusing with vars
dbus send {name=a.peer.address}, # confusing with vars and aare
dbus receive [name=a.peer.address], # confusing with aara
I think I like '--' and '@', but not sure. I'm open to other ideas.
--
Jamie Strandboge http://www.ubuntu.com/
signature.asc
Description: OpenPGP digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
