projects / profile / ivi / kernel-x86-ivi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 736ec75) | patch
AppArmor: core policy routines
authorJohn Johansen <john.johansen@canonical.com>
Thu, 29 Jul 2010 21:48:00 +0000 (14:48 -0700)
committerJames Morris <jmorris@namei.org>
Mon, 2 Aug 2010 05:38:37 +0000 (15:38 +1000)
commitc88d4c7b049e87998ac0a9f455aa545cc895ef92
tree1859582b4afec1116b6831ea89ae27c35209991atree | snapshot
parent736ec752d95e91e77cc0e8c97c057ab076ac2f51commit | diff
AppArmor: core policy routines

The basic routines and defines for AppArmor policy.  AppArmor policy
is defined by a few basic components.
      profiles - the basic unit of confinement contain all the information
                 to enforce policy on a task

                 Profiles tend to be named after an executable that they
                 will attach to but this is not required.
      namespaces - a container for a set of profiles that will be used
                 during attachment and transitions between profiles.
      sids - which provide a unique id for each profile

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: James Morris <jmorris@namei.org>
security/apparmor/include/policy.h [new file with mode: 0644] blob
security/apparmor/include/sid.h [new file with mode: 0644] blob
security/apparmor/policy.c [new file with mode: 0644] blob
security/apparmor/sid.c [new file with mode: 0644] blob
Domain: System / Uncategorized;