[apparmor] [PATCH 32/32] apparmor: Fix quieting of audit messages for network mediation

Seth Arnold seth.arnold at canonical.com
Fri Feb 1 01:44:33 UTC 2013

On Wed, Jan 16, 2013 at 01:29:01PM -0800, John Johansen wrote:
> From: John Johansen <john.johansen at canonical.com>
> If a profile specified a quieting of network denials for a given rule by
> either the quiet or deny rule qualifiers, the resultant quiet mask for
> denied requests was applied incorrectly, resulting in two potential bugs.
> 1. The misapplied quiet mask would prevent denials from being correctly
>    tested against the kill mask/mode. Thus network access requests that
>    should have resulted in the application being killed did not.
> 2. The actual quieting of the denied network request was not being applied.
>    This would result in network rejections always being logged even when
>    they had been specifically marked as quieted.
> Signed-off-by: John Johansen <john.johansen at canonical.com>

This is a one-line fix to the previous patch -- you might as well
collapse them into one patch. :)

Acked-by: Seth Arnold <seth.arnold at canonical.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130131/1cfa8f95/attachment.pgp>

More information about the AppArmor mailing list