Hello, Am Sonntag, 27. Januar 2019, 15:01:40 CET schrieb intrigeri: > John Johansen: > > Policy can be adjusted to include trap profiles that will attach > > to binaries executed out of these directories. The trap profile > > can grant limited to no permissions. > > [...] > > short term: confine users & a trap profile(s) on the /etc/cups dir > > I was not able to find any reference to the "trap profile" idea > in our documentation. Could you please point me in the right > direction? Thanks in advance!
My guess is that John meant something like that:
/etc/cups/** Cx -> trap,
profile trap {
# intentionally left empty
}
Regards,
Christian Boltz
--
Seriously? If you accused me of verbally abusing the _feature_
(or rather its implementation), I would understand. But I'm not
aware of verbally abusing _people_ (or at least not here, but I
hope you don't really have a microphone near my desk).
[Michal Kubecek in opensuse-factory]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
