Unexpected behavior on case-insensitive file systems, or case-insensitive directories (e.g., Ext4 since Linux 5.2)

Bug #2016205 reported by Aditya Basu
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
AppArmor | New | Undecided | Unassigned |

Bug Description

Consider the policy,
/usr/bin/less {
  deny /opt/kelvin rw,
  /** ixrw,
}

Here, the directory /opt is case-insensitive. So the file can be accessed as /opt/kelvin, or /opt/KELVIN (where K = Kelvin Symbol U+212A in Unicode). Note that Latin capital K and Kelvin Symbol are considered identical for case-insensitive matching.

$ touch KELVIN # where K = Kelvin Symbol (U+212A)
$ less kelvin # Uses Latin K. Allows access even though denied in policy.

The above allows access to the file "kelvin" even though the names "KELVIN" and "kelvin" represent the same underlying file.

My understanding is that the AppArmor policy is applied to the filenames stored on-disk and not the filenames supplied in system calls such as open() etc. When the underlying filesystem is case-insensitive, the policy will still match as if the filenames were case-sensitive.
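
A defensive audit for the mismatch described in this report, as an added example that is not part of the original report or of AppArmor: it lists on-disk names in a case-insensitive directory that fold to the same name as a literal deny rule without being byte-identical to it. The function names, the constructed directory listing, and the use of NFD plus Python's str.casefold() as a stand-in for the filesystem's own folding tables are assumptions.

```python
import posixpath
import re
import unicodedata

# Policy text as given in the report.
PROFILE = """/usr/bin/less {
  deny /opt/kelvin rw,
  /** ixrw,
}
"""

DENY_RULE = re.compile(r"^\s*deny\s+(/\S+)\s+[a-z]+\s*,", re.MULTILINE)
GLOB_CHARS = set("*?[{")


def fold(name):
    # Assumption: NFD + Unicode case folding approximates the comparison a
    # casefolded directory performs; the kernel's tables may differ by version.
    nfd = unicodedata.normalize("NFD", name)
    return unicodedata.normalize("NFD", nfd.casefold())


def literal_denies(profile_text):
    # Keep only deny rules with a literal path; glob rules are out of scope here.
    return [p for p in DENY_RULE.findall(profile_text) if not GLOB_CHARS & set(p)]


def unmatched_aliases(profile_text, ci_dir, names):
    """Return (deny_rule, on_disk_path) pairs where the on-disk name in the
    case-insensitive directory ci_dir is the same file as the denied name
    under folding, but differs byte-wise, so the literal rule will not match."""
    ci_dir = posixpath.normpath(ci_dir)
    hits = []
    for rule in literal_denies(profile_text):
        parent, base = posixpath.split(rule)
        if parent != ci_dir:
            continue
        for name in names:
            if name != base and fold(name) == fold(base):
                hits.append((rule, posixpath.join(parent, name)))
    return hits


if __name__ == "__main__":
    listing = ["\u212aELVIN", "notes.txt"]  # constructed directory listing
    for rule, path in unmatched_aliases(PROFILE, "/opt", listing):
        print(f"deny rule {rule!r} does not literally match on-disk name {path!r}")
```
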

information type: Private Security → Private
information type: Private → Private Security
Seth Arnold (seth-arnold) wrote :

Nice, thanks.

information type: Private Security → Public