intrigeri wrote...
> tl;dr: I hereby propose we enable AppArmor by default in testing/sid,
> and decide one year later if we want to keep it this way in the
> Buster release.
I really appreciate your approach of trying this out while being
prepared this might turn out to be a bad idea. Or: Promoting an idea
without being pushy about it.
So while adding another security layer is certainly something to
consider, I'm as well interested in whether this is feasible for a
generic-purpose distribution like Debian. The worst thing that could
happen was people will have to do the counterpart of chmod 777. Then it
was a bad idea, but we (as in Debian) have substantiation for such a
claim.
Christoph
Attachment:
signature.asc
Description: Digital signature