[prev in list] [next in list] [prev in thread] [next in thread]
List: apparmor-dev
Subject: [apparmor] [Bug 1014304] Re: genprof misses some permissions
From: John Johansen <john.johansen () canonical ! com>
Date: 2012-06-21 1:26:47
Message-ID: 20120621012647.26814.84091.malone () soybean ! canonical ! com
[Download RAW message or body]
Christian
yes it looks like there may be some tracking issues when a new profile
is added (could be only around children and hats). The "r" permission
is definitely there in the log, and there is even enough info to track
across the exec. So its not the problem I initially suspected; there is
a huge logging problem at the moment around exec where do to lsm_audit
many of apparmor's messages get lost especially around exec. This
permission not getting added to profiles as well but in this case
logprof would not pick up the second time through.
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/1014304
Title:
genprof misses some permissions
Status in AppArmor Linux application security framework:
New
Bug description:
Take this little demo script:
#!/bin/bash
echo "Hello World!" > /tmp/hello.txt
cat /tmp/hello.txt
rm /tmp/hello.txt
I created a profile for it using genprof. Most important point: select
"child" for executing /bin/rm, see attached screendump.txt for
details.
When I run logprof after the genprof run, it proposes
Profile: /home/cb/linuxtag/apparmor/scripts/hello
Path: /usr/bin/rm
Old Mode: Cx
New Mode: rCx
That's something genprof should have catched...
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1014304/+subscriptions
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic