Hello,

Am Sonntag, 27. Januar 2019, 15:01:40 CET schrieb intrigeri:
> John Johansen:
> > Policy can be adjusted to include trap profiles that will attach
> > to binaries executed out of these directories. The trap profile
> > can grant limited to no permissions.
> > [...]
> > short term: confine users & a trap profile(s) on the /etc/cups dir
> 
> I was not able to find any reference to the "trap profile" idea
> in our documentation. Could you please point me in the right
> direction? Thanks in advance!

My guess is that John meant something like that:


/etc/cups/** Cx -> trap,

  profile trap {
    # intentionally left empty
  }



Regards,

Christian Boltz
-- 
Seriously? If you accused me of verbally abusing the _feature_
(or rather its implementation), I would understand. But I'm not
aware of verbally abusing _people_ (or at least not here, but I
hope you don't really have a microphone near my desk).
[Michal Kubecek in opensuse-factory]

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to