Fixed in AppArmor 2.11.
** Changed in: apparmor
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1584069
Title:
This bug was fixed in Ubuntu 16.04 with apparmor 2.10.95-0ubuntu2.2
** Changed in: apparmor (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
I've thoroughly tested apparmor 2.10.95-0ubuntu2.2 in xenial-proposed.
I've verified that this bug is fixed (via the test in the Original
Report section of the description and the newly added upstream automated
tests) and I've also went through the AppArmor Test Plan (excluding the
Ubuntu Touch
** Description changed:
[Impact]
Applications which use libapparmor's aa_change_onexec() to set up an
AppArmor profile transition across an upcoming exec() cannot pre-
initialize the environment. This is caused by AppArmor unconditionally
setting the AT_SECURE flag on the process,
Hello Tyler, or anyone else affected,
Accepted apparmor into xenial-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.1 in a
few hours, and then in the -proposed repository.
Please help us by testing this new package. See
** Description changed:
+ [Impact]
+
+ Applications which use libapparmor's aa_change_onexec() to set up an
+ AppArmor profile transition across an upcoming exec() cannot pre-
+ initialize the environment. This is caused by AppArmor unconditionally
+ setting the AT_SECURE flag on the process,
** Also affects: apparmor (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: apparmor (Ubuntu Xenial)
Status: New => In Progress
** Changed in: apparmor (Ubuntu Xenial)
Assignee:
This bug was fixed in the package apparmor - 2.10.95-4ubuntu2
---
apparmor (2.10.95-4ubuntu2) yakkety; urgency=medium
* Drop the following change now that click-apparmor has been updated:
- Continue installing aa-exec into /usr/sbin/ for now since
click-apparmor's
** Branch linked: lp:~apparmor-dev/apparmor/apparmor-ubuntu-citrain
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1584069
Title:
change_profile rules need a modifier to
** Branch linked: lp:apparmor
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1584069
Title:
change_profile rules need a modifier to allow non-secureexec
transitions
Fix committed as r3469
** Changed in: apparmor
Status: In Progress => Fix Committed
** Changed in: apparmor (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in
Patches out for review on the list:
https://lists.ubuntu.com/archives/apparmor/2016-May/009708.html
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1584069
Title:
The tools also need to be updated (as soon as we decided on the exact
syntax etc.)
** Tags added: aa-tools
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1584069
Title:
** Description changed:
As it stands today, all exec transitions triggered by a change_profile
rule cause the AT_SECURE flag in the auxiliary vector to be set due to
the kernel function apparmor_bprm_secureexec() returning 1 while setting
up the execution environment. This causes libc to
** Tags added: aa-parser
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1584069
Title:
change_profile rules need a modifier to allow non-secureexec
transitions
Status
** Also affects: apparmor
Importance: Undecided
Status: New
** Changed in: apparmor
Importance: Undecided => High
** Changed in: apparmor
Status: New => In Progress
** Changed in: apparmor
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: apparmor (Ubuntu)
16 matches
Mail list logo
