Cliffe wrote:
> So when is the parser started? At startup or when it is needed?

At boot time; it is in the booting init scripts.

When you issue the command "rcapparmor restart" which runs the parser and re-loads policy, doing a bunch of intelligent things to keep policy and processes happy.

You can run the parser manually, which will cause it to start writing into the kernel. This may or may not be such a good idea :) but it does require lots of privilege.

This appears to be consistent with Greg's advice of "don't"
http://kernelnewbies.org/FAQ/WhyWritingFilesFromKernelIsBad
AppArmor uses a user-level process to push data into the kernel, rather than letting the kernel pull it.

Crispin

--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering http://novell.com
