On Wed, Apr 11, 2012 at 01:53:42PM -0700, John Johansen wrote:
> Currently a change_profile rule does not grant access to the
> /proc/<pid>/attr/{current,exec} interfaces that are needed to perform
> a change_profile or change_onexec, requiring that an explicit rule allowing
> access to the interface be granted.
>
> Make it so change_profile implies the necessary
> /proc/@{PID}/attr/{current,exec} w,
>
> rule just like the presence of hats does for change_hat
>
>
> Signed-off-by: John Johansen <[email protected]>Acked-By: Steve Beattie <[email protected]> Thanks. -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
