** Changed in: linux (Ubuntu Zesty)
Status: Incomplete => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1678032
Title:
apparmor: does not provide a way to detect policy updataes
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Xenial:
Incomplete
Status in linux source package in Yakkety:
Incomplete
Status in linux source package in Zesty:
Fix Committed
Bug description:
User space trusted helpers have no way to detect when policy changes
have been loaded into the kernel. This prevents the applications from
being able to cache permission queries. Currently trusted helpers have
not done caching (wish list feature), however the gsetting proxy
requires userspace caching of permissions due to how gsettings proxy
has to work.
This means that policy loads result in stale gsettings policy to
results in incorrect mediation.
Add a revision file to the apparmorfs interface that allows detection
of the current revision number for apparmor policy. This file can be
read like a pipe, or used via poll, which is sufficient for the
gsettings proxy detect changes and invalidate its cache.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1678032/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
