Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | AppArmor: Fix locking from removal of profile namespace | John Johansen | 2010-09-08 | 1 | -2/+4 |
| | | | | | | | | | The locking for profile namespace removal is wrong, when removing a profile namespace, it needs to be removed from its parent's list. Lock the parent of namespace list instead of the namespace being removed. Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org> | ||||
* | AppArmor: core policy routines | John Johansen | 2010-08-02 | 1 | -0/+1184 |
The basic routines and defines for AppArmor policy. AppArmor policy is defined by a few basic components. profiles - the basic unit of confinement contain all the information to enforce policy on a task Profiles tend to be named after an executable that they will attach to but this is not required. namespaces - a container for a set of profiles that will be used during attachment and transitions between profiles. sids - which provide a unique id for each profile Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org> |