On Wed, Jun 12, 2013 at 10:55:50AM -0700, John Johansen wrote: > > Till then, can someone help me out with the use case for the write > > function of the profile tools? I'm not sure if I'm thinking in the > > appropriate way. How are users expected to modify the config files? > > I can understand reading the config files to do some processing such > > as deciding severity, etc. But about modifying Im not very sure, any > > pointers on that will be helpful. > > > Well it would be nice if the user could set the tool config options > from within the tool (just like you can change preferences within > firefox, instead of having to manually edit a file), but I would say > it isn't required at least not for a first pass. > > So things you might want to be able to do > - add a new entry to the severity db > - change the severity of an entry in the severity db > - add a new regex pattern to the known defaults (keeps bash etc. from > getting an attaching profile when doing targeted confinement). > - change the locale > - turn on/off the repository (assuming we get one again) > - add new suggestion patterns
Also consider the "list of locally created profiles" that would be directly modified and the "list of profiles acquired from elsewhere" that would have their corresponding <local/application> abstraction updated instead. Thanks
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
