Hi,
It seems that AppArmor can't be effectively used to protect read access
to files from users (including roots). It is possible to create a profile
for, eg, 'cat', but then the users can use 'less'.
Is this true? Should use SELinux instead for this?
Thanks!
Bookmarks