[apparmor] [Bug 731155] Re: Matching of named profile fails when attachment doesn't contain globbing
John Johansen
john.johansen at canonical.com
Tue Mar 8 09:47:13 UTC 2011
** Patch added: "proposed patch from apparmor mailing list"
https://bugs.launchpad.net/apparmor/+bug/731155/+attachment/1893521/+files/aa.patch
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/731155
Title:
Matching of named profile fails when attachment doesn't contain
globbing
Status in AppArmor Linux application security framework:
New
Bug description:
Profiles that specify a name and attachment specification fail to
attach when the attachment specification doesn't contain globbing.
eg.
# profile name and attachment the same - attaches as expected
profile /usr/lib/chromium-browser/chromium-browser
# profile without attachment specification - does not attach as expected
profile chromium-browser
# profile with name and attachment specification where the attachment specification uses globbing - attaches as expected
profile chromium-browser /usr/lib/chromium-browser/chromium-broswer*
# profile with name and attachment specification without globbing - FAILS to attach when it should
profile chromium-browser /usr/lib/chromium-browser/chromium-browser
The attachment of the profile can be seen using aa-status or ps -Zu <userid>
More information about the AppArmor
mailing list