[Bug 1838090] Re: Ubuntu 16.04: read access incorrectly implies 'm' rule

2019-08-20 Thread daniel CURTIS
*** This bug is a duplicate of bug 1658219 ***
https://bugs.launchpad.net/bugs/1658219

Hello.

I would like to note, that when Linux kernel has been updated to
4.4.0-160.188 version[1] (with, among others, patches for LP:#1658219
and LP:#1838090), I've had to update a few profiles (such as Audacious,
Parole, Xorg, Logrotate etc.), because of a lot of "DENIED" entries in
system log files. If it's about access controls (vide
'requested{denied}_mask'): most new rules required 'm' (memory map as
executable), but some of them needed 'k' (file locking) etc.)

However, it seems everything is okay now and I hope, that there will be
no such issues anymore. Anyway, Mr Tyler Hicks was right: "users with
custom policy have some reasonable expectation that upgrading to the new
Ubuntu release or kernel version will require them to update their
custom policy".

By the way; what is an impact of these changes? (I mean LP:#1658219 and
LP:#1838090). Does it means, that now, use of 'm' and 'k' access is
secured/restricted/checked correctly by AppArmor? And one more thing:
this problem is related to v4.4 kernel only, right?


Thanks, best regards.
__
[1] https://launchpad.net/ubuntu/+source/linux/4.4.0-160.188

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1838090

Title:
  Ubuntu 16.04: read access incorrectly implies 'm' rule

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1838090/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1838090] Re: Ubuntu 16.04: read access incorrectly implies 'm' rule

2019-08-15 Thread Ubuntu Kernel Bot
*** This bug is a duplicate of bug 1658219 ***
https://bugs.launchpad.net/bugs/1658219

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1838090

Title:
  Ubuntu 16.04: read access incorrectly implies 'm' rule

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1838090/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1838090] Re: Ubuntu 16.04: read access incorrectly implies 'm' rule

2019-08-12 Thread John Johansen
*** This bug is a duplicate of bug 1658219 ***
https://bugs.launchpad.net/bugs/1658219

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1838090

Title:
  Ubuntu 16.04: read access incorrectly implies 'm' rule

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1838090/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs