On Tue, Sep 30, 2014 at 06:49:08PM -0500, Tyler Hicks wrote:
> Bug: https://bugs.launchpad.net/bugs/1375516
> 
> The unix_socket test program calls getsockopt() after calling bind().
> Because AppArmor continues to use traditional file rules for sockets
> bound to a filesystem path, it does not mediate some socket operations
> after the socket has been bound to the filesystem path. The getopt
> permission is one of those socket operations.
> 
> To account for this lack of mediation, the getopt permission should be
> removed from the server permissions list.
> 
> Signed-off-by: Tyler Hicks <[email protected]>

Acked-by: Steve Beattie <[email protected]>

Thanks.


-- 
Steve Beattie
<[email protected]>
http://NxNW.org/~steve/

Attachment: signature.asc
Description: Digital signature

-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to