[Bug 1838090] Re: Ubuntu 16.04: read access incorrectly implies 'm' rule
*** This bug is a duplicate of bug 1658219 *** https://bugs.launchpad.net/bugs/1658219 Hello. I would like to note, that when Linux kernel has been updated to 4.4.0-160.188 version[1] (with, among others, patches for LP:#1658219 and LP:#1838090), I've had to update a few profiles (such as Audacious, Parole, Xorg, Logrotate etc.), because of a lot of "DENIED" entries in system log files. If it's about access controls (vide 'requested{denied}_mask'): most new rules required 'm' (memory map as executable), but some of them needed 'k' (file locking) etc.) However, it seems everything is okay now and I hope, that there will be no such issues anymore. Anyway, Mr Tyler Hicks was right: "users with custom policy have some reasonable expectation that upgrading to the new Ubuntu release or kernel version will require them to update their custom policy". By the way; what is an impact of these changes? (I mean LP:#1658219 and LP:#1838090). Does it means, that now, use of 'm' and 'k' access is secured/restricted/checked correctly by AppArmor? And one more thing: this problem is related to v4.4 kernel only, right? Thanks, best regards. __ [1] https://launchpad.net/ubuntu/+source/linux/4.4.0-160.188 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1838090 Title: Ubuntu 16.04: read access incorrectly implies 'm' rule To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1838090/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1838090] Re: Ubuntu 16.04: read access incorrectly implies 'm' rule
*** This bug is a duplicate of bug 1658219 *** https://bugs.launchpad.net/bugs/1658219 This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed- xenial'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1838090 Title: Ubuntu 16.04: read access incorrectly implies 'm' rule To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1838090/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1838090] Re: Ubuntu 16.04: read access incorrectly implies 'm' rule
*** This bug is a duplicate of bug 1658219 *** https://bugs.launchpad.net/bugs/1658219 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1838090 Title: Ubuntu 16.04: read access incorrectly implies 'm' rule To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1838090/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs