[Apparmor-dev] Towards AppArmor 3.0

[Rob Meijer]

On Fri, December 5, 2008 07:42, John Johansen wrote:
> If you have
> an idea or feature you would like to see, please don't hesitate to join
> into the discussion, or email me privately.
>
>
> john

Hi John,

I have a few features that would be very interesting with respect to
using AppArmor as the base for using MinorFs.


1) Reading of symbolic links governed by explicit profile rules.
2) A way to express /proc/$SELFPID in a profile.
3) A facility for use by a user space process (such as minorviewfs) that
   can be used to map a process-id to a unforgeable call-chain-id.


Rob