Hi There, As the Debian WordPress maintainer,considering WordPress has the most security bugs of all the packages I maintain I thought having an AppArmor profile for it would be a good idea.
I have now written one and done some testing and it seems to work nicely. The problem is, what to do with it? It basically has two files: * /etc/apache2/conf-available/wordpress which has the AAHatName in the <directory> stanzas * /etc/apparmor.d/apache2.d/wordpress which defines the ^wordpress profile The profile is highly dependent on what the user sets the WP_CONTENT_DIR to (which has to match the second <directory> stanza). So, it works for me. Should I just put it in the examples file? My concern is people do odd configurations to their wordpress setup which apparmor won't like. I'm not subscribed to this email list so please CC in your replies. - Craig -- Craig Small https://dropbear.xyz/ csmall at : dropbear.xyz Debian GNU/Linux https://www.debian.org/ csmall at : debian.org Mastodon: @[email protected] Twitter: @smallsees GPG fingerprint: 5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
