[prev in list] [next in list] [prev in thread] [next in thread]
List: apparmor-dev
Subject: Re: [Apparmor-dev] rule interaction with extended mediation
From: John Johansen <john.johansen () canonical ! com>
Date: 2009-10-30 4:14:53
Message-ID: 4AEA683D.4040308 () canonical ! com
[Download RAW message or body]
Cliffe wrote:
>>
> Regarding compatibility with policy developed for previous versions,
> perhaps you could specify the policy language version for each profile.
> That way the AppArmor parser could add the required generalised rules to
> older profiles if they are required to keep compatibility. For example,
> adding "chroot /**" to profiles developed earlier. Just a thought.
>
That is a possibility, and it opens up the possibility of revisiting other parts
of the profile language. I am hesitant because I am not sure the trade off of
having a slightly different version of the language is worth it. Also I really
do not want to force the use of to many new rules unless it is really worth it.
john
_______________________________________________
Apparmor-dev mailing list
Apparmor-dev@forge.novell.com
http://forge.novell.com/mailman/listinfo/apparmor-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic