AppArmor dbus rejects messages from tasks that have exited
Bug #865605 reported by
John Johansen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Expired
|
Undecided
|
Unassigned |
Bug Description
Some tasks fire off messages at the end of their life that don't need a reply, and some times the task exit before dbus handles the message. Resulting in apparmor not being able to get the security context for the message sender.
To post a comment you must log in.
To fix this we need to update how the kernel is doing labeling for unix domain sockets, and then we can use getpeersec, and the labeling can be pulled from the socket instead of the task.