Hi Seth
Sorry for such a long time without answer, but I'm so busy. You wrote
something interesting:
>> If you want Firefox to work as designed but limit the scope
>> of damage if it's attacked... you should allow the arp lookups
So if AppArmor DENIED /proc/2496/net/arp (requested_mask="r"
denied_mask="r") access and according to yours words I should use such
rule:
@{PROC}/[0-9]*/net/arp r,
Am I right? It is a sufficient rule? Can you confirm this?
Best regards.
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
