Hi!

> We've been over the "AA is different" discussion in threads about a
> billion times, and at the last kernel summit. I think Lars and others
> have done a pretty good job of describing the problems they are trying
> to solve, can we please move on to discussing technical issues around
> that?

Actually, I surprised Lars a lot by telling him ln /etc/shadow /tmp/
allows any user to make AA ineffective on a large part of systems -- in
internal discussion. (It is not actually a _bug_, but it is certainly
unexpected).

(Does it surprise you, too? I'm pretty sure it would surprise many
users).

James summarized it nicely:

# The design of the AppArmor is based on _appearing simple_, but at the
# expense of completeness and thus correctness.

If even Lars can be surprised by AA's behaviour, I do not think we can
say "AA is different".

I'm afraid that AA is a trap for users. It appears simple, and mostly does
what it is told, but does not do _what the user wants_.

Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
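Added example (not part of the original message and not AppArmor code): the ln case above works because a hard link is a second path name for the same inode, so a rule written against one path says nothing about the other. The audit below lists every extra name of a protected file; the function names and the temporary directory standing in for /etc and /tmp are assumptions made for this illustration.

```python
import os
import stat
import tempfile


def hardlink_aliases(protected, search_roots):
    """Return {protected path: [other path names for the same inode]}."""
    found = {os.path.realpath(p): [] for p in protected}
    wanted = {}
    for path in found:
        st = os.lstat(path)
        # Only a regular file with more than one link can have another name.
        if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
            wanted[(st.st_dev, st.st_ino)] = path
    if not wanted:
        return found
    for root in search_roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                candidate = os.path.join(dirpath, name)
                try:
                    st = os.lstat(candidate)
                except OSError:
                    continue  # file vanished or directory entry unreadable
                # Identity is (device, inode), never the path string.
                original = wanted.get((st.st_dev, st.st_ino))
                if original and os.path.realpath(candidate) != original:
                    found[original].append(candidate)
    return found


def demo():
    # Constructed stand-ins for /etc/shadow and /tmp, so this runs unprivileged.
    base = tempfile.mkdtemp()
    etc, tmp = os.path.join(base, "etc"), os.path.join(base, "tmp")
    os.mkdir(etc)
    os.mkdir(tmp)
    shadow = os.path.join(etc, "shadow")
    with open(shadow, "w") as fh:
        fh.write("constructed sample, not a real shadow file\n")
    os.link(shadow, os.path.join(tmp, "shadow"))  # same as: ln etc/shadow tmp/
    return shadow, hardlink_aliases([shadow], [base])


if __name__ == "__main__":
    target, aliases = demo()
    for original, names in aliases.items():
        print(original, "is also reachable as", names)
```

On kernels that provide the fs.protected_hardlinks sysctl, enabling it stops users from creating hard links to files they do not own or cannot read and write, which closes this particular route.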