[prev in list] [next in list] [prev in thread] [next in thread]
List: apparmor-dev
Subject: [apparmor] [Bug 979135] Re: change_profile requires separate permission rule to access /proc interfa
From: Steve Beattie <sbeattie () ubuntu ! com>
Date: 2012-04-13 17:46:56
Message-ID: 20120413174656.3942.29671.malone () wampee ! canonical ! com
[Download RAW message or body]
Committed in trunk revno 2030
** Changed in: apparmor
Status: New => Fix Committed
** Changed in: apparmor
Milestone: None => 2.8.0
** Changed in: apparmor
Importance: Undecided => Medium
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/979135
Title:
change_profile requires separate permission rule to access /proc
interface
Status in AppArmor Linux application security framework:
Fix Committed
Bug description:
When a profile contains a rule granting permission to use the change_profile \
interface
Eg.
change_profile -> **,
it is not enough permissions to actually use the interface, because write \
permission to access the interface at /proc/self/attr/{current,exec} w,
is also needed.
If a change_profile rule is present it should imply that this
permission is granted
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/979135/+subscriptions
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic