| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTim_l1RDI3icW1Ko7NWvECT1JzuM2c3Qqa8wvQR6@mail.gmail.com> Date: Thu, 15 Jul 2010 11:33:07 -0400 From: Eric Paris <eparis@...isplace.org> To: John Johansen <john.johansen@...onical.com> Cc: linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org Subject: Re: [PATCH 04/13] AppArmor: core policy routines On Wed, Jul 14, 2010 at 8:43 PM, John Johansen <john.johansen@...onical.com> wrote: > The basic routines and defines for AppArmor policy. AppArmor policy > is defined by a few basic components. > profiles - the basic unit of confinement contain all the information > to enforce policy on a task > > Profiles tend to be named after an executable that they > will attach to but this is not required. > namespaces - a container for a set of profiles that will be used > during attachment and transitions between profiles. > sids - which provide a unique id for each profile > > Signed-off-by: John Johansen <john.johansen@...onical.com> > --- > + PFLAG_MMAP_MIN_ADDR = 0x80, /* profile controls mmap_min_addr */ You don't actually support this per ?domain? mmap_min_addr and I'm not sure how you ever can (given the nature of round_hint_to_min()) so maybe you should rip it all out rather than having the half implemented stuff in patches 4 and 6? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists