Merge pull request #35113 from tych0/drop-useless-apparmor
drop useless apparmor denies
This commit is contained in:
Sebastiaan van Stijn
GitHub
commit
9b9d00dd4b
1 changed files with 0 additions and 2 deletions
|
|
@ -24,8 +24,6 @@ profile {{.Name}} flags=(attach_disconnected,mediate_deleted) {
|
|||
deny @{PROC}/sys/[^k]** w, # deny /proc/sys except /proc/sys/k* (effectively /proc/sys/kernel)
|
||||
deny @{PROC}/sys/kernel/{?,??,[^s][^h][^m]**} w, # deny everything except shm* in /proc/sys/kernel/
|
||||
deny @{PROC}/sysrq-trigger rwklx,
|
||||
deny @{PROC}/mem rwklx,
|
||||
deny @{PROC}/kmem rwklx,
|
||||
deny @{PROC}/kcore rwklx,
|
||||
|
||||
deny mount,
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue