unconfined - outputs a list of processes with tcp or udp ports that do not have AppArmor profiles loaded
#name
NAME
#synopsis
SYNOPSIS
#description
DESCRIPTION
#bugs
BUGS
#see_also
SEE ALSO
NAME
unconfined - outputs a list of processes with tcp or udp ports that do not have AppArmor profiles loaded
SYNOPSIS
unconfined
DESCRIPTION
unconfined
uses
netstat(8)
to determine which processes have open
network sockets and do not have AppArmor profiles loaded into the kernel.
BUGS
unconfined
must be run as root to retrieve the process executable
link from the
/proc
filesystem. This program is susceptible to the following
race conditions:
- an unlinked executable will be mishandled
- an executable started before an AppArmor profile is loaded will not
appear in the output, despite running without confinement
- a process that dies between the between the netstat(8)
and further checks will be mishandled.
Note:
This program only lists processes using TCP and UDP. In short, this
program is unsuitable for forensics use and is provided only as an aid
to profiling all network-accessible processes in the lab.
If you find any bugs, please report them to bugzilla at
http://bugs.wirex.com
http://bugs.wirex.com
.
SEE ALSO
netstat(8), subdomain(7), subdomain.d(5), and change_hat(2).
unconfined - outputs a list of processes with tcp or udp ports that do not have AppArmor profiles loaded
