Mailinglist Archive: opensuse-security (50 mails)
| < Previous | Next > |
Re: [suse-security] AppArmor in SUSE 10.0
- From: Malte Gell <malte.gell@xxxxxx>
- Date: Tue, 2 May 2006 02:34:19 +0200
- Message-id: <200605020234.19945.malte.gell@xxxxxx>
On Monday 01 May 2006 03:52, Crispin Cowan wrote:
> To un-restrict AppArmor 1.2 in SUSE Linux 10.0, place the attached
> file darix.pem into /etc/apparmor/certs/ and it'll unlock the whole
> mess.
>
> What's going on: AppArmor 1.2 in SL10.0 has an evil DRM hack in it so
> that it will only generate profiles for pathnames that SUSE has
> signed for. This was as open as we could make it at the time that
> SL10.0 had to ship last fall, before we had permission to open source
> AppArmor.
Thank you very much! So the restriction was a legal issue. I guess most
people may have thought it had other reasons ;-) As Marcus suggested,
wouldn´t it be even more nice to offer this certificate as a regular
patch via YOU? Do you get any feedback from people using AA, is its use
widely spread, any big names using it?
Regards
Malte
> To un-restrict AppArmor 1.2 in SUSE Linux 10.0, place the attached
> file darix.pem into /etc/apparmor/certs/ and it'll unlock the whole
> mess.
>
> What's going on: AppArmor 1.2 in SL10.0 has an evil DRM hack in it so
> that it will only generate profiles for pathnames that SUSE has
> signed for. This was as open as we could make it at the time that
> SL10.0 had to ship last fall, before we had permission to open source
> AppArmor.
Thank you very much! So the restriction was a legal issue. I guess most
people may have thought it had other reasons ;-) As Marcus suggested,
wouldn´t it be even more nice to offer this certificate as a regular
patch via YOU? Do you get any feedback from people using AA, is its use
widely spread, any big names using it?
Regards
Malte
| < Previous | Next > |