[apparmor] [Bug 731155] Re: Matching of named profile fails when attachment doesn't contain globbing
john.johansen at canonical.com
Tue Mar 8 09:47:13 UTC 2011
** Patch added: "proposed patch from apparmor mailing list"
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
Matching of named profile fails when attachment doesn't contain
Status in AppArmor Linux application security framework:
Profiles that specify a name and attachment specification fail to
attach when the attachment specification doesn't contain globbing.
# profile name and attachment the same - attaches as expected
# profile without attachment specification - does not attach as expected
# profile with name and attachment specification where the attachment specification uses globbing - attaches as expected
profile chromium-browser /usr/lib/chromium-browser/chromium-broswer*
# profile with name and attachment specification without globbing - FAILS to attach when it should
profile chromium-browser /usr/lib/chromium-browser/chromium-browser
The attachment of the profile can be seen using aa-status or ps -Zu <userid>
More information about the AppArmor