intrigeri wrote... > tl;dr: I hereby propose we enable AppArmor by default in testing/sid, > and decide one year later if we want to keep it this way in the > Buster release.
I really appreciate your approach of trying this out while being prepared this might turn out to be a bad idea. Or: Promoting an idea without being pushy about it. So while adding another security layer is certainly something to consider, I'm as well interested in whether this is feasible for a generic-purpose distribution like Debian. The worst thing that could happen was people will have to do the counterpart of chmod 777. Then it was a bad idea, but we (as in Debian) have substantiation for such a claim. Christoph
Description: Digital signature