Novell LINUX ENTERPRISE SERVER 11 - SECURITY Manual page 288

11 Repeat the previous steps if you need to execute more functionality of the
274 Security Guide
Unconfined
Execute the program without a security profile. When prompted, have
AppArmor sanitize the environment to avoid adding security risks
by inheriting certain environment variables from the parent process.
WARNING: Risks of Running Unconfined
Unless absolutely necessary, do not run unconfined. Choosing
the Unconfined option executes the new program without any
protection from AppArmor.
Deny
Click Deny to prevent the program from accessing the specified paths.
Abort
Abort aa-logprof, losing all rule changes entered so far and leaving
all profiles unmodified.
Finish
Close aa-logprof, saving all rule changes entered so far and modifying
all profiles.
application.
When you are done, click Finish. Choose to apply your changes to the local
profile set. If you have previously chosen to upload your profile to the external
profile repository, provide a brief change log entry describing your work and
upload the profile. If you had postponed the decision on whether to upload
the profile or not, YaST asks you again and you can create an account the
upload the profile now or not upload it at all.
As soon as you exit the Profile Creation Wizard, the profile is saved both lo-
cally and on the repository server, if you have chosen to upload it. The profile
is then loaded into the AppArmor module.