[apparmor] [PATCH 32/32] apparmor: Fix quieting of audit messages for network mediation
Seth Arnold
seth.arnold at canonical.com
Fri Feb 1 01:44:33 UTC 2013
On Wed, Jan 16, 2013 at 01:29:01PM -0800, John Johansen wrote:
> From: John Johansen <john.johansen at canonical.com>
>
> If a profile specified a quieting of network denials for a given rule by
> either the quiet or deny rule qualifiers, the resultant quiet mask for
> denied requests was applied incorrectly, resulting in two potential bugs.
> 1. The misapplied quiet mask would prevent denials from being correctly
> tested against the kill mask/mode. Thus network access requests that
> should have resulted in the application being killed did not.
>
> 2. The actual quieting of the denied network request was not being applied.
> This would result in network rejections always being logged even when
> they had been specifically marked as quieted.
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
This is a one-line fix to the previous patch -- you might as well
collapse them into one patch. :)
Acked-by: Seth Arnold <seth.arnold at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130131/1cfa8f95/attachment.pgp>
More information about the AppArmor
mailing list