mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 17:08:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

doc: improve the way to present project rules.

Browse source
This commit is contained in:
Alexandre Pujol 2024-02-01 18:43:51 +00:00
parent 553fc5e8bc
commit be9e92dba5
Failed to generate hash of commit
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
docs/development/index.md
View file

@ -32,23 +32,23 @@ You want to contribute to `apparmor.d`, **thanks a lot for this.** Feedbacks, co
## Project rules
`Rule 1: Mandatory Access Control`
#### Rule :material-numeric-1-circle: - Mandatory Access Control
: As these are mandatory access control policies only what is explicitly required
should be authorized. Meaning, you should **not** allow everything (or a large area)
and blacklist some sub areas.
`Rule 2: Do not break a program`
#### Rule :material-numeric-2-circle: - Do not break a program
: A profile **should not break a normal usage of the confined software**. It can
be complex as simply running the program for your own use case is not always
exhaustive of the program features and required permissions.
`Rule 3: Do not confine everything`
#### Rule :material-numeric-3-circle: - Do not confine everything
: Some programs should not be confined by a MAC policy.
`Rule 4: Distribution and devices agnostic`
#### Rule :material-numeric-4-circle: - Distribution and devices agnostic
: A profile should be compatible with all distributions, software and devices
in the Linux world. You cannot deny access to resources you do not use on