[apparmor] [Bug 979135] Re: change_profile requires separate permission rule to access /proc interface
Launchpad Bug Tracker
979135 at bugs.launchpad.net
Thu Apr 12 16:49:18 UTC 2012
** Branch linked: lp:ubuntu/apparmor
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/979135
Title:
change_profile requires separate permission rule to access /proc
interface
Status in AppArmor Linux application security framework:
New
Bug description:
When a profile contains a rule granting permission to use the change_profile interface
Eg.
change_profile -> **,
it is not enough permissions to actually use the interface, because write permission to access the interface at
/proc/self/attr/{current,exec} w,
is also needed.
If a change_profile rule is present it should imply that this
permission is granted
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/979135/+subscriptions
More information about the AppArmor
mailing list