On 10/20/14, intrigeri <intrigeri@???> wrote:
> Hi folks,
>
> [Cc'ing my fellow Tails developers, and also the Freepto ones who
> might be interested.]
>
> I'm super happy to tell you that we've now released Tails 1.2,
> finally with some minimal AppArmor support! :)
>
> Our implementation is described on
> https://tails.boum.org/contribute/design/application_isolation/
Congratulations! I've been using Tails with AppArmor and I'm pretty
happy at how well it works.
There is one hitch for me and it is largely a development issue:
I've recently released tlsdate 0.0.11 - part of the release was aiming
to target Tails. Sadly, I found that the AppArmor profiles were
totally broken as expected because of the UnionFS issues. I'm happy to
spin another release and I'd like to update the upstream AppArmor
profiles in a way that will benefit Tails directly. What do you think
is the best way to write the upstream policies so that they work in
normal Debian and in (live distros like) Tails?
All the best,
Jacob
