The verification of the Stable Release Update for apparmor has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1993353 Title: Add posix message queue IPC mediation Status in apparmor package in Ubuntu: New Status in apparmor source package in Focal: Fix Committed Status in apparmor source package in Jammy: Fix Released Bug description: [ Impact ] We need to add IPC mediation support in the userspace tools, starting with posix message queue. This would improve security and lower the attack surface for applications There is already a proposal upstream: https://gitlab.com/apparmor/apparmor/-/merge_requests/858 [ Test Plan ] In the merge request in the description there are several tests added. There are parser tests that can be run with "make -C parser check" in the project source tree. There are also tests for the python tools that can be run ith "make -C utils check" in the project source tree. There are also regression tests in tests/regression/apparmor. They run with the whole test suite when you run with "sudo make tests", but they can also be run individually with "sudo ./posix_mq.sh" [ Where problems could occur ] There could be problems related to Bug 1728130, where a policy was developed for a set of rules supported by a specific kernel, and if new mediation is available on newer kernels, then there will be some denied rules. Therefore we need to also prevent that from happening. This is already available in apparmor-3.+, but for older versions could be done by backporting the abi patches from apparmor-3.0. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1993353/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
