On Wed, Mar 05, 2014 at 11:06:21PM -0800, Seth Arnold wrote: > On Wed, Mar 05, 2014 at 05:44:40PM -0800, Steve Beattie wrote: > > + apparmor.read_profiles() > > + output_name = profile if program is None else program > > If there's more than one profile returned from get_next_to_profile() this > will probably be annoyingly expensive. I started reading the depths of > this and got worried about the action-at-a-distance going on, so, uh, I > suspect we should leave it alone for now. But next time I'm looking for > something to do, remind me of this. :)
I'm assuming you're referring to the read_profiles() call here. Yes, I share a similar concern and didn't do the deep spelunking to ensure to myself that it was not necessary. I *think* it's not, but didn't want to break anything. But yeah, it would be nice to eliminate or mitigate this somehow. -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
