mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/docs/unconfined.pod
Steve Beattie 6d3e74907d Import the rest of the core functionality of the internal apparmor 
development tree (trunk branch). From svn repo version 6381.
2006-04-11 21:52:54 +00:00

59 lines
2.2 KiB
Text
Raw Blame History

# $Id: unconfined.pod 6203 2006-02-02 22:03:41Z steve $
# This publication is intellectual property of Novell Inc. Its contents
# can be duplicated, either in part or in whole, provided that a copyright
# label is visibly located on each copy.
#
# All information found in this book has been compiled with utmost
# attention to detail. However, this does not guarantee complete accuracy.
# Neither SUSE LINUX GmbH, the authors, nor the translators shall be held
# liable for possible errors or the consequences thereof.
#
# Many of the software and hardware descriptions cited in this book
# are registered trademarks. All trade names are subject to copyright
# restrictions and may be registered trade marks. SUSE LINUX GmbH
# essentially adheres to the manufacturer's spelling.
#
# Names of products and trademarks appearing in this book (with or without
# specific notation) are likewise subject to trademark and trade protection
# laws and may thus fall under copyright restrictions.
#
# Please direct suggestions and comments to apparmor-general@forge.novell.com.
=pod
=head1 NAME
unconfined - output a list of processes with tcp or udp ports that do
not have AppArmor profiles loaded
=head1 SYNOPSIS
B<unconfined>
=head1 DESCRIPTION
B<unconfined> will use netstat(8) to determine which processes have open
network sockets and do not have AppArmor profiles loaded into the kernel.
=head1 BUGS
B<unconfined> must be run as root to retrieve the process executable
link from the F</proc> filesystem. This program is susceptible to race
conditions of several flavours: an unlinked executable will be mishandled;
an executable started before a AppArmor profile is loaded will not
appear in the output, despite running without confinement; a process that dies
between the netstat(8) and further checks will be mishandled. This
program only lists processes using TCP and UDP. In short, this
program is unsuitable for forensics use and is provided only as an aid
to profiling all network-accessible processes in the lab.
If you find any bugs, please report them to bugzilla at
L<http://bugzilla.novell.com>.
=head1 SEE ALSO
netstat(8), apparmor(7), apparmor.d(5), change_hat(2), and
L<http://forge.novell.com/modules/xfmod/project/?apparmor>.
=cut
Reference in a new issue View git blame Copy permalink