[apparmor] [patch] fix aa-logprof rewrite of PUx modes.
steve at nxnw.org
Tue Apr 24 17:58:37 UTC 2012
On Tue, Apr 24, 2012 at 09:38:12AM -0700, John Johansen wrote:
> On 04/24/2012 09:02 AM, Steve Beattie wrote:
> > Subject: fix aa-logprof rewrite of PUx modes.
> > When writing out a profile, aa-logprof incorrectly converts PUx execute
> > permission modes to the syntactically invalid UPx mode, because the
> > function that converts the internal representation of permissions to
> > a string emits the U(nconfined) mode bit before the P bit.
> > This patch corrects this by reordering the way the exec permissions
> > are emitted, so that P and C modes come before U and i. Based on
> > http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference#Execute_rules
> > this should emit the modes correctly in all combined exec modes.
> > Other approaches to fixing this would require adjusting the data
> > structure that contains the permission modes, resulting in a more
> > invasive patch.
> > Bug: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/982619
> it looks good
> Acked-by: John Johansen <john.johansen at canonical.com>
Thanks. This should probably go into 2.7 as well. Okay to do so?
<sbeattie at ubuntu.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: Digital signature
More information about the AppArmor