Hello, I am developing an ACL with Akari for my server that is running several Docker containers and I wanna be able to clearly differentiate the domains from the host machine from the ones in containers. Since I have it configured to always initialize new domains (initialize_domain any from any) because I find it easier to work with, I thought of using namespaces to achieve this. However, by reading the docs I understood that you also need to define new exception and profile policies for every new namespace you introduce. In my case that would mean duplicating the existing ones for each namespace and adding the appropriate namespace prefix. I was wondering if there is a way of telling Akari/Tomoyo to ignore namespaces in exception and profile policies and just use the built-in one. If not, what would be the code changes necessary to achieve this?
Thank you!
_______________________________________________ tomoyo-users-en mailing list tomoyo-users-en@lists.osdn.me https://lists.osdn.me/mailman/listinfo/tomoyo-users-en
