1. 28 Apr, 2013 1 commit
  2. 09 Apr, 2012 2 commits
  3. 03 Apr, 2012 1 commit
  4. 27 Feb, 2012 1 commit
  5. 07 Sep, 2010 1 commit
  6. 01 Aug, 2010 1 commit
    • John Johansen's avatar
      AppArmor: mediation of non file objects · 0ed3b28a
      John Johansen authored
      AppArmor ipc is currently limited to mediation done by file mediation
      and basic ptrace tests.  Improved mediation is a wip.
      AppArmor provides basic abilities to set and control rlimits at
      a per profile level.  Only resources specified in a profile are controled
      or set.  AppArmor rules set the hard limit to a value <= to the current
      hard limit (ie. they can not currently raise hard limits), and if
      necessary will lower the soft limit to the new hard limit value.
      AppArmor does not track resource limits to reset them when a profile
      is left so that children processes inherit the limits set by the
      parent even if they are not confined by the same profile.
      Capabilities:  AppArmor provides a per profile mask of capabilities,
      that will further restrict.
      Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
      Signed-off-by: default avatarJames Morris <jmorris@namei.org>