On Mon, Oct 26, 2015 at 07:36:54AM -0700, John Johansen wrote:
> It is possible that apparmor could set a task's capabilities (this actually
> existed experimentally in the past) but it is easy to get wrong and
> allows the security policy author to inject security vulnerabilities.
> With the expansion of capabilities it's even harder to get right, and
> so I don't see us adding the ability

While I was a fan of the interface that was done for setting capabilities at the time, today I'm more skeptical that we'd be able to get all the interactions correct between setuid/setgid/setcap executables, interpreters, the three "traditional" capabilities lists per-process and the newfangled "ambient capabilities" list for posix-draft capabilities, user namespaces, all combined with the no-new-privs API. While I'm sure we could do it if the demand were strong enough, I wouldn't want to do it on a whim.

Thanks
--
AppArmor mailing list
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
