Hi,
I'm on Kubuntu 16.04 with Apparmor 2.10.95-0ubuntu2.6 and Linux
4.8.0-34-generic (HWE)
usr.bin.skype profile has such lines:
deny @{HOME}/.fontconfig/ w,
deny @{HOME}/.fontconfig/*.cache-*.TMP* w,
When I run:
apparmor_parser -Q -d /etc/apparmor.d/usr.bin.skype
These lines are printed:
Mode: wa:wa Name: ({/home//*,/root}/.fontconfig/)
Mode: wa:wa Name: ({/home//*,/root}/.fontconfig/*.cache-*.TMP*)
I do not quite follow here. What these wa:wa means exactly? Looking at Wiki [0], it kinda seems like if I am owner or
not, I am allowed to write..? Though of course I expect not to be able to write due to "deny".
How to interpret these debug outputs, how do I audit apparmor profiles?
Thanks.
[0] http://wiki.apparmor.net/index.php/AppArmorMonitoring - "This listing shows the permissions granted when the user
owns the resource (file, directory, pipe, etc.) and when the user does not own the resource."
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
