On 03/19/2015 05:47 AM, intrigeri wrote:
> lots of our profiles give access to things like
> @{PROC}/@{pid}/[something], which in my understanding:
>
> 1. is unnecessarily wide open most of the time: the process often
> only needs to gather information about itself, not about any other
> process, right?Maybe "owner" could help with that? Regards, Simon -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
