2016-06-01 21:14:41 |
Tyler Hicks |
bug |
|
|
added bug |
2016-06-01 21:14:51 |
Tyler Hicks |
apparmor: status |
New |
In Progress |
|
2016-06-03 21:12:37 |
Tyler Hicks |
apparmor: status |
In Progress |
Fix Committed |
|
2016-06-03 21:12:49 |
Tyler Hicks |
bug task added |
|
apparmor (Ubuntu) |
|
2016-06-03 21:13:03 |
Tyler Hicks |
apparmor (Ubuntu): importance |
Undecided |
High |
|
2016-06-03 21:13:03 |
Tyler Hicks |
apparmor (Ubuntu): status |
New |
In Progress |
|
2016-06-03 21:13:03 |
Tyler Hicks |
apparmor (Ubuntu): assignee |
|
Tyler Hicks (tyhicks) |
|
2016-07-28 10:38:34 |
Launchpad Janitor |
apparmor (Ubuntu): status |
In Progress |
Fix Released |
|
2016-07-29 07:01:42 |
Martin Pitt |
nominated for series |
|
Ubuntu Xenial |
|
2016-07-29 07:01:42 |
Martin Pitt |
bug task added |
|
apparmor (Ubuntu Xenial) |
|
2016-07-29 07:12:33 |
Martin Pitt |
apparmor (Ubuntu Xenial): status |
New |
Fix Committed |
|
2016-07-29 07:12:35 |
Martin Pitt |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2016-07-29 07:12:44 |
Martin Pitt |
bug |
|
|
added subscriber SRU Verification |
2016-08-08 21:26:32 |
Tyler Hicks |
description |
The ability to specify change_profile exec modes (safe/unsafe) is a recently merged feature. A missing piece is that the parser doesn't detect conflicting exec modes on the same exec condition. The following profile should fail to compile:
/t {
change_profile safe /foo -> /bar,
change_profile unsafe /foo -> bar,
} |
[Impact]
Applications which use libapparmor's aa_change_onexec() to set up an AppArmor profile transition across an upcoming exec() could not pre-initialize the environment up until the upstream fix for bug #1584069 was in place. That upstream fix had a flaw in that conflicting safe/unsafe change_profile transitions were allowed by apparmor_parser. apparmor_parser should detect conflicting rules and fail to compile the profile.
[Test Case]
The upstream fix for this bug includes exhaustive tests for conflicting safe/unsafe change_profile transitions. These tests run at build time.
If a manual test is desired, see the original report below for steps.
[Regression Potential]
Regression potential for this change is small since it is actually a bug fix for the changes introduced in bug #1584069. The regression potential for the changes for bug #1584069 is considerable and listed in that bug report.
[Original Report]
The ability to specify change_profile exec modes (safe/unsafe) is a recently merged feature. A missing piece is that the parser doesn't detect conflicting exec modes on the same exec condition. The following profile should fail to compile:
/t {
change_profile safe /foo -> /bar,
change_profile unsafe /foo -> bar,
} |
|
2016-08-08 21:33:21 |
Tyler Hicks |
description |
[Impact]
Applications which use libapparmor's aa_change_onexec() to set up an AppArmor profile transition across an upcoming exec() could not pre-initialize the environment up until the upstream fix for bug #1584069 was in place. That upstream fix had a flaw in that conflicting safe/unsafe change_profile transitions were allowed by apparmor_parser. apparmor_parser should detect conflicting rules and fail to compile the profile.
[Test Case]
The upstream fix for this bug includes exhaustive tests for conflicting safe/unsafe change_profile transitions. These tests run at build time.
If a manual test is desired, see the original report below for steps.
[Regression Potential]
Regression potential for this change is small since it is actually a bug fix for the changes introduced in bug #1584069. The regression potential for the changes for bug #1584069 is considerable and listed in that bug report.
[Original Report]
The ability to specify change_profile exec modes (safe/unsafe) is a recently merged feature. A missing piece is that the parser doesn't detect conflicting exec modes on the same exec condition. The following profile should fail to compile:
/t {
change_profile safe /foo -> /bar,
change_profile unsafe /foo -> bar,
} |
[Impact]
Applications which use libapparmor's aa_change_onexec() to set up an AppArmor profile transition across an upcoming exec() could not pre-initialize the environment up until the upstream fix for bug #1584069 was in place. That upstream fix had a flaw in that conflicting safe/unsafe change_profile transitions were allowed by apparmor_parser. apparmor_parser should detect conflicting rules and fail to compile the profile.
[Test Case]
The upstream fix for this bug includes exhaustive tests for conflicting safe/unsafe change_profile transitions. These tests run at build time.
If a manual test is desired, see the original report below for steps.
[Regression Potential]
Regression potential for this change is small since it is actually a bug fix for the changes introduced in bug #1584069. The regression potential for the changes for bug #1584069 is considerable and listed in that bug report.
[Original Report]
The ability to specify change_profile exec modes (safe/unsafe) is a recently merged feature. A missing piece is that the parser doesn't detect conflicting exec modes on the same exec condition. The following profile should fail to compile:
/t {
change_profile safe /foo -> /bar,
change_profile unsafe /foo -> /bar,
} |
|
2016-08-08 21:34:09 |
Tyler Hicks |
tags |
|
aa-parser verification-done |
|
2017-01-10 20:31:56 |
Christian Boltz |
apparmor: status |
Fix Committed |
Fix Released |
|
2017-04-18 19:26:02 |
Steve Beattie |
apparmor (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|