Apparmor??Linux????е????????????
???????????? ???????[ 2013/3/5 9:39:35 ] ????????
??????2?????????
????Apparmor????????????????setrlimit???????????????????????????????????????????????????????д??
????set rlimit [resource] <= [value]??
??????resource?????????????value???????????
?????????????????????????????????????????д??
????set rlimit as<=1M?? ???????????????????1M??
???????Apparmor???????????????????????????fsize??data??stack??core??rss??as??memlock??msgqueue???????????????????????CPU?????????????????OJ?????ACMer?????????????????????????????????Apparmor????OJ????????飬???????????????CPU???????????
??????3??????????
????Apparmor?????????????????????????????????????????????
????network [ [domain] [type] [protocol] ]
????????????????????domain??type??protocol??????
??????ó????????????е????????????????????????д??
????network??
?????????????????IPv4?????TCPЭ?飬????????д??
????network inet tcp??
????(4)capability???
????Capability statements are simply the word capability followed by the name of the POSIX.1e capability as defined in the capabilities(7) man page.
??????linux???????????????capablities?б??apparmor?????????????????????б??????????磺
????capability setgid??????????????setgid??????
?????????????????д
?????????????д????????????????????/etc/apparmor.d??????£?????и?????????????????????????????
????sudo genprof [filename]
??????????????????????????????????????????????
??????
???·???
??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11
sales@spasvo.com