Hi, (Cc:ed Peter Palfrader (weasel), who maintains tor in Debian and the Debian AppArmor Packaging Team.)
While playing around with `aa-unconfined` i saw that /usr/bin/tor is marked as not being confined. In Debian, `tor` comes with an apparmor profile which is called "system_tor" and lives in /etc/apparmor.d. `aa-unconfined` seems to ignore this, but `aa-status` tells me that the `system_tor` profile is well active. Do I need to worry about the tor process not being confined? Asked differently, do profiles need to be named a certain way (eg. `usr/bin/something`) to be taken into account by `aa-unconfined`? How do other distributions handle this particular profile? As intrigeri says [1], one of these tools might be buggy. Cheers, Ulrike [1] http://lists.alioth.debian.org/pipermail/pkg-apparmor-team/2015-February/000386.html -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
