"Ok so overall:
deny capability chown -> capability chown
(can we limit that to a certain scope)"
Unfortunately, no, not unless we get help from unbound to
change_profile/change_onexec after a fork/exec or it is happening in a
helper binary that we could separately profile.
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
unbound-control local socket broken by apparmor
To manage notifications about this bug go to:
ubuntu-bugs mailing list