** Description changed:
+ [Impact]
+
+ Applications which use libapparmor's aa_change_onexec() to set up an
+ AppArmor profile transition across an upcoming exec() could not pre-
+ initialize the environment up until the upstream fix for bug #1584069
+ was in place. That upstream fix had a flaw in that conflicting
+ safe/unsafe change_profile transitions were allowed by apparmor_parser.
+ apparmor_parser should detect conflicting rules and fail to compile the
+ profile.
+
+ [Test Case]
+
+ The upstream fix for this bug includes exhaustive tests for conflicting
+ safe/unsafe change_profile transitions. These tests run at build time.
+
+ If a manual test is desired, see the original report below for steps.
+
+ [Regression Potential]
+
+ Regression potential for this change is small since it is actually a bug
+ fix for the changes introduced in bug #1584069. The regression potential
+ for the changes for bug #1584069 are considerable and listed in that bug
+ report.
+
+ [Original Report]
+
The ability to specify change_profile exec modes (safe/unsafe) is a
recently merged feature. A missing piece is that the parser doesn't
detect conflicting exec modes on the same exec condition. The following
profile should fail to compile:
/t {
- change_profile safe /foo -> /bar,
- change_profile unsafe /foo -> bar,
+ change_profile safe /foo -> /bar,
+ change_profile unsafe /foo -> bar,
}
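To make the missing check concrete, here is an added example (not apparmor_parser's own code) that scans the change_profile rules of a profile text, groups them by exec condition, and reports any condition that carries both an explicit `safe` and an explicit `unsafe` mode. The rule matcher is a simplified grammar written for this example and covers only the `change_profile [safe|unsafe] <exec_cond> -> <target>,` form shown in the report; rules without an explicit mode are not compared (an assumption, not a statement about the real parser's defaults).

```python
import re
from typing import Dict, List, Set

# Simplified matcher for the change_profile rule form used in the report:
#   change_profile [safe|unsafe] <exec_cond> -> <target>,
# Written for this example; it does not cover every form the real
# apparmor_parser grammar accepts (e.g. rules without an exec condition).
RULE_RE = re.compile(
    r"^\s*change_profile"
    r"(?:\s+(?P<mode>safe|unsafe))?"
    r"\s+(?P<cond>/[^\s,]*)"          # exec condition: an absolute path glob
    r"\s*->\s*(?P<target>[^\s,]+)"    # target profile
    r"\s*,\s*$"
)

# Constructed sample profiles: the first reproduces the two conflicting
# rules quoted in the report, the second is a hand-made clean variant.
CONFLICTING_PROFILE = """\
/t {
  change_profile safe /foo -> /bar,
  change_profile unsafe /foo -> bar,
}
"""

CLEAN_PROFILE = """\
/t {
  change_profile safe /foo -> /bar,
  change_profile unsafe /baz -> /qux,
  change_profile /foo -> /other,
}
"""


def find_conflicts(profile_text: str) -> List[str]:
    """Return exec conditions that carry both an explicit 'safe' and an
    explicit 'unsafe' change_profile rule. Rules with no explicit mode are
    skipped (assumption: only explicit modes are compared here)."""
    modes: Dict[str, Set[str]] = {}
    for line in profile_text.splitlines():
        m = RULE_RE.match(line)
        if not m or not m.group("mode"):
            continue
        modes.setdefault(m.group("cond"), set()).add(m.group("mode"))
    return sorted(cond for cond, seen in modes.items() if len(seen) > 1)


def profile_compiles(profile_text: str) -> bool:
    """Expected parser behaviour: reject a profile whose change_profile
    rules disagree on exec mode for the same exec condition."""
    return not find_conflicts(profile_text)
```

Running `find_conflicts(CONFLICTING_PROFILE)` returns `['/foo']`, which is the condition the parser should have refused to compile.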
Bug: https://bugs.launchpad.net/bugs/1588069
Title: parser doesn't catch conflicting change_profile exec modes (safe/unsafe)