[apparmor] [PATCH 3/3] Fix change_profile to grant access to api

Steve Beattie steve at nxnw.org
Wed Apr 11 22:42:05 UTC 2012

On Wed, Apr 11, 2012 at 01:53:42PM -0700, John Johansen wrote:
> Currently a change_profile rule does not grant access to the
> /proc/<pid>/attr/{current,exec} interfaces that are needed to perform
> a change_profile or change_onexec, requiring that an explicit rule allowing
> access to the interface be granted.
> Make it so change_profile implies the necessary
>   /proc/@{PID}/attr/{current,exec} w,
> rule just like the presence of hats does for change_hat
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Acked-By: Steve Beattie <sbeattie at ubuntu.com>


Steve Beattie
<sbeattie at ubuntu.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120411/2d77f58e/attachment.pgp>

More information about the AppArmor mailing list