This repository has been archived by the owner on Feb 12, 2023. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(apparmor): Fix spam of DENIED messages on openSUSE
AppArmor produced spams lot's of log messages like these: ``` type=AVC msg=audit(1548784382.499:2192): apparmor="DENIED" operation="file_mmap" profile="qtox" name="/tmp/#13317" pid=6389 comm="qtox" requested_mask="m" denied_mask="m" fsuid=1000 ouid=1000 ``` These appears to be libpcre2 mmaped shared memory, related to jitting. Deny mmap()'ing files for execution from /tmp directory because currently there is no way to allow shared memory access explicitly with AppArmor, so we choose more secure way (while probably loosing regex performance).
- Loading branch information