[ubuntu-hardened] 16.04 LTS: /proc/self/attr/current file and the current security attr. of the process result: not confined (unconfined).

daniel curtis sidetripping at gmail.com
Mon May 15 10:55:21 UTC 2017


Hi.

Today, I've found an interesting bug on Launchpad concerning LighDM and
guest session [1]. Generally, Mr Tyle Hicks discovered that "processes
launched under a lightdm guest session are not confined by the /usr/lib/
lightdm/lightdm-guest-session AppArmor profile in Ubuntu 16.10 (...)"

It can be checked via '/proc/self/attr/current' file. The contents of this
file represent the current security attributes of the process etc. I've
checked it on 16.04.2 LTS Release but not under guest session, but as a
logged user. Here is the result:

[~]$ cat /proc/self/attr/current
unconfined

I would like to ask: is it normall? I've done it just for a testing
purposes. Nothing more, nothing less. So, is it OK? If this file represent
the current security attr of the process, then this result seems to be
normal... What is your opinions?

Thanks, best regards.
____________________
[1] https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1663157
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20170515/9aa2496f/attachment.html>


More information about the ubuntu-hardened mailing list