AppArmor

Merge lp:~sdeziel/apparmor/user-mail into lp:apparmor/2.12

  1. user-mail
  2. Merge into master
Proposed by Simon Déziel
Status: Merged
Merged at revision: 3439
Proposed branch: lp:~sdeziel/apparmor/user-mail
Merge into: lp:apparmor/2.12
Diff against target: 12 lines (+1/-1)
1 file modified
profiles/apparmor.d/abstractions/user-mail (+1/-1)
To merge this branch: bzr merge lp:~sdeziel/apparmor/user-mail
Reviewer Review Type Date Requested Status
Seth Arnold Approve
Review via email: mp+291934@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Seth Arnold (seth-arnold) wrote :

Looks good to me, but tightening a rule in an abstraction feels like something that ought to be reviewed by several people..

THanks

Revision history for this message
Simon Déziel (sdeziel) wrote :

Since the rule matched only for files directly under /var/mail makes is a hint that it was always intended to cover users' mailboxes. But yeah, more reviewers would be welcome.

Revision history for this message
Christian Boltz (cboltz) wrote :

Looks good to me too - and I just checked that the files in /var/spool/mail/ are really owned by the respective user.

Seth, if you think two reviews are enough, please merge this ;-)

Revision history for this message
Seth Arnold (seth-arnold) wrote :

Thanks Christian, Simon!

Committed revision 3439.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'profiles/apparmor.d/abstractions/user-mail'
2--- profiles/apparmor.d/abstractions/user-mail 2014-10-09 20:48:37 +0000
3+++ profiles/apparmor.d/abstractions/user-mail 2016-04-14 19:16:51 +0000
4@@ -14,7 +14,7 @@
5 owner @{HOME}/[mM]ail/** rwl,
6 owner @{HOME}/postponed* rwl,
7 /var/{,spool/}mail/ r,
8- /var/{,spool/}mail/* rwl,
9+ owner /var/{,spool/}mail/* rwl,
10 owner @{HOME}/mbox.lock* rwl,
11 owner @{HOME}/mbox rw,
12 owner @{HOME}/inbox rw,

Subscribers

People subscribed via source and target branches