[apparmor] [Bug 731155] Re: Matching of named profile fails when attachment doesn't contain globbing
Steve Beattie
sbeattie at ubuntu.com
Mon Mar 21 18:28:34 UTC 2011
** Also affects: apparmor/2.6
Importance: Undecided
Status: New
** Changed in: apparmor/2.6
Status: New => Fix Committed
** Changed in: apparmor/2.6
Importance: Undecided => High
** Changed in: apparmor/2.6
Milestone: None => 2.6.1
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/731155
Title:
Matching of named profile fails when attachment doesn't contain
globbing
Status in AppArmor Linux application security framework:
Fix Released
Status in AppArmor 2.6 series:
Fix Committed
Bug description:
Profiles that specify a name and attachment specification fail to
attach when the attachment specification doesn't contain globbing.
eg.
# profile name and attachment the same - attaches as expected
profile /usr/lib/chromium-browser/chromium-browser
# profile without attachment specification - does not attach as expected
profile chromium-browser
# profile with name and attachment specification where the attachment specification uses globbing - attaches as expected
profile chromium-browser /usr/lib/chromium-browser/chromium-broswer*
# profile with name and attachment specification without globbing - FAILS to attach when it should
profile chromium-browser /usr/lib/chromium-browser/chromium-browser
The attachment of the profile can be seen using aa-status or ps -Zu <userid>
More information about the AppArmor
mailing list