On Tue, Sep 30, 2014 at 06:49:08PM -0500, Tyler Hicks wrote: > Bug: https://bugs.launchpad.net/bugs/1375516 > > The unix_socket test program calls getsockopt() after calling bind(). > Because AppArmor continues to use traditional file rules for sockets > bound to a filesystem path, it does not mediate some socket operations > after the socket has been bound to the filesystem path. The getopt > permission is one of those socket operations. > > To account for this lack of mediation, the getopt permission should be > removed from the server permissions list. > > Signed-off-by: Tyler Hicks <[email protected]>
Acked-by: Steve Beattie <[email protected]> Thanks. -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
