[apparmor] [PATCH 32/32] apparmor: Fix quieting of audit messages for network mediation
john.johansen at canonical.com
Fri Feb 1 01:50:41 UTC 2013
On 01/31/2013 05:44 PM, Seth Arnold wrote:
> On Wed, Jan 16, 2013 at 01:29:01PM -0800, John Johansen wrote:
>> From: John Johansen <john.johansen at canonical.com>
>> If a profile specified a quieting of network denials for a given rule by
>> either the quiet or deny rule qualifiers, the resultant quiet mask for
>> denied requests was applied incorrectly, resulting in two potential bugs.
>> 1. The misapplied quiet mask would prevent denials from being correctly
>> tested against the kill mask/mode. Thus network access requests that
>> should have resulted in the application being killed did not.
>> 2. The actual quieting of the denied network request was not being applied.
>> This would result in network rejections always being logged even when
>> they had been specifically marked as quieted.
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
> This is a one-line fix to the previous patch -- you might as well
> collapse them into one patch. :)
> Acked-by: Seth Arnold <seth.arnold at canonical.com>
Actual reason its not collapsed is because the networking patch is being
replaced. These two are just temporary place holders
More information about the AppArmor