[apparmor] [Bug 731155] [NEW] Matching of named profile fails when attachment doesn't contain globbing
John Johansen
john.johansen at canonical.com
Tue Mar 8 09:45:51 UTC 2011
Public bug reported:
Profiles that specify a name and attachment specification fail to attach
when the attachment specification doesn't contain globbing.
eg.
# profile name and attachment the same - attaches as expected
profile /usr/lib/chromium-browser/chromium-browser
# profile without attachment specification - does not attach as expected
profile chromium-browser
# profile with name and attachment specification where the attachment specification uses globbing - attaches as expected
profile chromium-browser /usr/lib/chromium-browser/chromium-broswer*
# profile with name and attachment specification without globbing - FAILS to attach when it should
profile chromium-browser /usr/lib/chromium-browser/chromium-browser
The attachment of the profile can be seen using aa-status or ps -Zu <userid>
** Affects: apparmor
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/731155
Title:
Matching of named profile fails when attachment doesn't contain
globbing
Status in AppArmor Linux application security framework:
New
Bug description:
Profiles that specify a name and attachment specification fail to
attach when the attachment specification doesn't contain globbing.
eg.
# profile name and attachment the same - attaches as expected
profile /usr/lib/chromium-browser/chromium-browser
# profile without attachment specification - does not attach as expected
profile chromium-browser
# profile with name and attachment specification where the attachment specification uses globbing - attaches as expected
profile chromium-browser /usr/lib/chromium-browser/chromium-broswer*
# profile with name and attachment specification without globbing - FAILS to attach when it should
profile chromium-browser /usr/lib/chromium-browser/chromium-browser
The attachment of the profile can be seen using aa-status or ps -Zu <userid>
More information about the AppArmor
mailing list