Hello, Am Donnerstag, 28. November 2013 schrieb John Johansen: > On 11/28/2013 10:32 AM, Christian Boltz wrote: > > Am Donnerstag, 28. November 2013 schrieb Seth Arnold: > >> On Tue, Nov 05, 2013 at 05:34:58AM -0800, John Johansen wrote:
> > I reported some time ago that the audit.log contains stuff that > > would be denied by file/directory permissions anyway (which also > > means logging it more confusing than useful ;-) and the answer was > > that this (IMHO buggy) behaviour is caused by the kernel. > > It is, and there is nothing we can do about it. We spent 2 almost 3 > years trying to get hooks inserted in better places. The path hooks > are a compromise that allowed apparmor to be accepted into the > upstream kernel. > yes we could swap the ordering on these ones Given what you wrote above, this would be a very good idea - I'd guess it's much easier to get it into the right place when adding the hook ;-) (And once we have enough hooks "at the right place", we might even have an argument to move the older ones around ;-) Regards, Christian Boltz -- Zu Schade, daß der ASCII-Zeichensatz keine kleinen Totenköpfe, Blitze, Fäuste und Bömbchen hat... [Ratti in fontlinge-devel] -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
