Prev: cciss: export linux/cciss_defs.h header
Next: pm_op(): usb_dev_suspend+0x0/0x10 returns -2 on USB device 8087:0020
From: John Johansen on 23 Feb 2010 02:50
Serge E. Hallyn wrote:
> Quoting john.johansen(a)canonical.com (john.johansen(a)canonical.com):
>> From: John Johansen <john.johansen(a)canonical.com>
>>

<< snip >>

>> +config SECURITY_APPARMOR_NETWORK
>> + bool "AppArmor network support"
>> + depends on SECURITY_APPARMOR
>> + default n
>> + help
>> + This enables AppArmor to mediate applications network use.
>> + This will enable the SECURITY_NETWORK hooks.
>
> Is there a compelling reason to have SECURITY_APPARMOR_NETWORK? Does
> it impact performance? Is there older userspace that will just break?
>
No, not really anymore. There used to be a case where I was building
with network hooks off and this has just been carried forward.

So it can go along with config APPARMOR_24_COMPAT, and I have even
been considering pulling the runtime disable as well as I don't
think there is a case for that either.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
 | 
Pages: 1
Prev: cciss: export linux/cciss_defs.h header
Next: pm_op(): usb_dev_suspend+0x0/0x10 returns -2 on USB device 8087:0020