I have some questions for apparmor alias rules. Is it correct that an alias
rule won't directly have an influence on which files can be accessed on a
certain rewritten path, i.e. the actual profile for the program is what matters
more? Could you make a program less confined just by alias rules? Sure you add
another path, but on this path you are still allowed to only access files as
described in the original profile of the program. Is this correct?
What is the reason a rewrite path for "/" -> "/rw/" does not apply to all the
rules, i.e. you have to specifically rewrite other paths too, like "/var/" ->
"/rw/var/" ?
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
