On 2/3/20 1:43 PM, Casey Schaufler wrote:
On 2/3/2020 1:02 PM, John Johansen wrote:
On 1/24/20 12:16 PM, Stephen Smalley wrote:
...
Aside from the trailing newline and \0 issues, AppArmor also has a whitespace-separated (mode) field that may or may not be present in the contexts it presently returns, ala "/usr/sbin/cupsd (enforce)". Not sure what they want for the new interfaces.
It is not needed for the new interface. And if I could go back and remove it from the old interface I would.
So, what would the "context" for this case be? "/usr/sbin/cupsd" or "enforce"?
"/usr/sbin/cupsd"
"enforce" is the profile mode which can be looked up separately using "/usr/sbin/cupsd" if it is really needed.
