[apparmor] [Bug 731184] Re: apparmor_parser fails to consider its own time stamp when determining if profile cache is stale

John Johansen john.johansen at canonical.com
Tue Mar 8 18:05:53 UTC 2011


Right this isn't a bug that will affect Ubuntu with the current way
things are packaged.  I don't even think it is something that needs to
be considered in the metadata, the parser can just look at its own
timestamp and compare it to the cache file, just like it is already
doing for the source files.

-- 
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/731184

Title:
  apparmor_parser fails to consider its own time stamp when determining
  if profile cache is stale

Status in AppArmor Linux application security framework:
  New

Bug description:
  If the apparmor_parser is updated (outside of current packaging), when
  doing profile loads it will use the existing cache of compiled
  profiles, instead of forcing a recompile on profiles.

  This can cause apparmor to load bad policy if the parser contains a
  bug fix for the previous version of the parser.

  This can be worked around in packaging by invalidating the cache and
  forcing a profile reload when the parser is upgraded.



More information about the AppArmor mailing list