[Bug 1233895] Re: AppArmor hooks incorrectly build query string for receiving process

Jamie Strandboge jamie at ubuntu.com
Tue Oct 1 23:10:56 UTC 2013 

apparmor-easyprof has some rules that need to be adjusted after this bug
is fixed. The adjusted rules are valid in the buggy or fixed version of
dbus, so apparmor-easyprof-ubuntu can be updated at any time.

** Also affects: dbus (Ubuntu Saucy)
   Importance: High
     Assignee: Tyler Hicks (tyhicks)
       Status: In Progress

** Also affects: apparmor-easyprof-ubuntu (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: apparmor-easyprof-ubuntu (Ubuntu Saucy)
       Status: New => In Progress

** Changed in: apparmor-easyprof-ubuntu (Ubuntu Saucy)
     Assignee: (unassigned) => Jamie Strandboge (jdstrand)

** Changed in: apparmor-easyprof-ubuntu (Ubuntu Saucy)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1233895

Title:
  AppArmor hooks incorrectly build query string for receiving process

Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
  In Progress
Status in “dbus” package in Ubuntu:
  In Progress
Status in “apparmor-easyprof-ubuntu” source package in Saucy:
  In Progress
Status in “dbus” source package in Saucy:
  In Progress

Bug description:
  While reviewing the AppArmor hooks in dbus-daemon, I noticed that the AppArmor
  query string for the receiving process was being constructed incorrectly in
  dbus 1.6.12-0ubuntu5.

  Here's the query for the sending process. Note that the message destination is
  used for the AppArmor query's peer name (the fourth parameter):

        qsize = build_query (&qstr, scon->context, bustype, destination,
                             tcon->context, path, interface, method);

  Here's the query for the receiving process. Note that the message destination
  is still being used for the AppArmor query's peer name. This is incorrect
  because the peer of the receiving process is the sender.

        qsize = build_query (&qstr, tcon->context, bustype, destination,
                             scon->context, path, interface, method);

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1233895/+subscriptions

More information about the foundations-bugs mailing list