[apparmor] [Bug 840734] Re: abstractions/python not including /usr/include/python folders

[Steve Beattie]

Thanks, I've added

  /usr/include/python{2,3}.[0-7]*/pyconfig.h r,

to the python abstraction (lp:apparmor commit 1854). It's unclear to me
why the python runtimes would need access to this or other headers.
Please reopen this bug if turns up that access to other headers is
necessary.

** Changed in: apparmor
       Status: New => Fix Committed

** Changed in: apparmor
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/840734

Title:
  abstractions/python not including /usr/include/python folders

Status in AppArmor Linux application security framework:
  Fix Committed

Bug description:
  Binary package hint: apparmor

  How to find:

  hani at JustD:~$ cat /home/hani/myapp
  #! /usr/bin/python
  hani at JustD:~$ sudo aa-autodep /home/hani/myapp
  hani at JustD:~$ chmod +x myapp
  hani at JustD:~$ ./myapp

  hani at JustD:~$ sudo aa-logprof home.hani.myapp
  Reading log entries from /var/log/syslog.
  Updating AppArmor profiles in /etc/apparmor.d.
  Complain-mode changes:

  Profile:  /home/hani/myapp
  Path:     /usr/include/python2.7/pyconfig.h
  Mode:     r
  Severity: unknown

  
  abstractions/python doesn't include the python folders in /usr/include. These are:
  /usr/include/python2.6
  /usr/include/python2.6_d
  /usr/include/python2.7
  /usr/include/python2.7_d
  /usr/include/python3.1
  /usr/include/python3.2mu

  Fix: Adding /usr/include/python{2,3}.[0-7]*/** r,  to
  /etc/apparmor.d/abstractions/python

  I've attached a diff for that.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/840734/+subscriptions