[apparmor] [Bug 731155] [NEW] Matching of named profile fails when attachment doesn't contain globbing

John Johansen john.johansen at canonical.com
Tue Mar 8 09:45:51 UTC 2011 

Public bug reported:

Profiles that specify a name and attachment specification fail to attach
when the attachment specification doesn't contain globbing.

eg.
   # profile name and attachment the same - attaches as expected
   profile /usr/lib/chromium-browser/chromium-browser

   # profile without attachment specification - does not attach as expected
  profile chromium-browser

  # profile with name and attachment specification where the attachment specification uses globbing - attaches as expected
  profile chromium-browser /usr/lib/chromium-browser/chromium-broswer*

  # profile with name and attachment specification without globbing - FAILS to attach when it should
  profile chromium-browser /usr/lib/chromium-browser/chromium-browser


The attachment of the profile can be seen using aa-status or ps -Zu <userid>

** Affects: apparmor
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/731155

Title:
  Matching of named profile fails when attachment doesn't contain
  globbing

Status in AppArmor Linux application security framework:
  New

Bug description:
  Profiles that specify a name and attachment specification fail to
  attach when the attachment specification doesn't contain globbing.

  eg.
     # profile name and attachment the same - attaches as expected
     profile /usr/lib/chromium-browser/chromium-browser

     # profile without attachment specification - does not attach as expected
    profile chromium-browser

    # profile with name and attachment specification where the attachment specification uses globbing - attaches as expected
    profile chromium-browser /usr/lib/chromium-browser/chromium-broswer*

    # profile with name and attachment specification without globbing - FAILS to attach when it should
    profile chromium-browser /usr/lib/chromium-browser/chromium-browser

  
  The attachment of the profile can be seen using aa-status or ps -Zu <userid>

More information about the AppArmor mailing list