mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

add note to ubuntu-helpers regarding needing to only include it once

Browse source
This commit is contained in:
Jamie Strandboge 2012-01-11 08:50:47 +01:00
parent c626e62da6
commit b0ef4d2b6a
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
profiles/apparmor.d/abstractions/ubuntu-helpers
View file

@ -7,6 +7,12 @@
# are effectively running without any AppArmor protection. Use this profile
# only if the process absolutely must be run (effectively) unconfined.
#
# Usage:
# Because this abstraction defines the sanitized_helper profile, it must only
# be #included once. Therefore this abstraction should typically not be
# included in other abstractions so as to avoid parser errors regarding
# multiple definitions.
#
# Limitations:
# 1. This does not work for root owned processes, because of the way we use
# owner matching in the sanitized helper. We could do a better job with