[Pkg-swan-devel] Add support dropping capabilities
xalloc
xalloc at protonmail.com
Wed May 22 13:48:16 BST 2019
I understand but sadly Strongswan is run by root by default, so even worse.
I have no experience on Apparmor and I'm not the one that will fix the dirty work.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
Il martedì 21 maggio 2019 16:34, Yves-Alexis Perez <corsac at debian.org> ha scritto:
> On Tue, 2019-05-21 at 14:02 +0000, xalloc wrote:
>
> > Thank you,
> > I was wrong, that capability was actually enabled. The problem was Ubuntu
> > Apparmor, so I disabled that module.
>
> Hi, if you care about security that doesn't look like a good idea. Maybe
> there's some fine-tuning needed to the AppArmor profile though.
>
> Regards,
>
> -----------------------------------------------------------------------------------------------------------------------------------------------------
>
> Yves-Alexis
More information about the Pkg-swan-devel
mailing list