[apparmor] [Bug 731184] Re: apparmor_parser fails to consider its own time stamp when determining if profile cache is stale
john.johansen at canonical.com
Tue Mar 8 18:05:53 UTC 2011
Right this isn't a bug that will affect Ubuntu with the current way
things are packaged. I don't even think it is something that needs to
be considered in the metadata, the parser can just look at its own
timestamp and compare it to the cache file, just like it is already
doing for the source files.
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
apparmor_parser fails to consider its own time stamp when determining
if profile cache is stale
Status in AppArmor Linux application security framework:
If the apparmor_parser is updated (outside of current packaging), when
doing profile loads it will use the existing cache of compiled
profiles, instead of forcing a recompile on profiles.
This can cause apparmor to load bad policy if the parser contains a
bug fix for the previous version of the parser.
This can be worked around in packaging by invalidating the cache and
forcing a profile reload when the parser is upgraded.
More information about the AppArmor