[Touch-packages] [Bug 1728123] [NEW] network rules for policy versions that don't support network rules are broken

Fri, 27 Oct 2017 11:51:06 -0700 

Public bug reported:

When a feature abi that does not support network rules is loaded into a
kernel that does, the policy is incorrectly enforced resulting in
network denials.

The kernel should be correctly enforcing the feature abi by not applying
the network mediation that is explicitly not supported by the specified
feature abi.

** Affects: apparmor (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Trusty)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Zesty)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Artful)
     Importance: Undecided
         Status: New

** Also affects: apparmor (Ubuntu Artful)
   Importance: Undecided
       Status: New

** Also affects: apparmor (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: apparmor (Ubuntu Zesty)
   Importance: Undecided
       Status: New

** Also affects: apparmor (Ubuntu Xenial)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1728123

Title:
  network rules for policy versions that don't support network rules are
  broken

Status in apparmor package in Ubuntu:
  New
Status in apparmor source package in Trusty:
  New
Status in apparmor source package in Xenial:
  New
Status in apparmor source package in Zesty:
  New
Status in apparmor source package in Artful:
  New

Bug description:
  When a feature abi that does not support network rules is loaded into
  a kernel that does, the policy is incorrectly enforced resulting in
  network denials.

  The kernel should be correctly enforcing the feature abi by not
  applying the network mediation that is explicitly not supported by the
  specified feature abi.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1728123/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to