support environment filtering
Bug #1045985 reported by
Jamie Strandboge
This bug affects 3 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| AppArmor |
Triaged
|
Low
|
Unassigned | ||
| apparmor (Ubuntu) |
Confirmed
|
Low
|
Unassigned | ||
| linux (Ubuntu) |
Confirmed
|
Low
|
Unassigned | ||
Bug Description
Confined applications have too much control over executables due to a lack of environment filtering in AppArmor. Bug #851986 is one such example. While we have employed the sanitized_helper to help, it should not be considered the final solution as it causes usability issues and is limited in what it can achieve. This bug is to track the environment filtering work.
| Changed in apparmor (Ubuntu): | |
| importance: | Undecided → High |
| status: | New → Triaged |
| Changed in apparmor (Ubuntu): | |
| status: | Triaged → In Progress |
| assignee: | nobody → John Johansen (jjohansen) |
| Changed in apparmor (Ubuntu): | |
| assignee: | John Johansen (jjohansen) → nobody |
| status: | In Progress → Triaged |
| tags: | added: aa-feature |
| Changed in apparmor (Ubuntu): | |
| importance: | High → Medium |
| Changed in apparmor (Ubuntu): | |
| importance: | Medium → Low |
| summary: |
- AppArmor should support environment filtering + support environment filtering |
| Changed in apparmor: | |
| importance: | Undecided → Low |
| status: | New → Triaged |
| Changed in apparmor (Ubuntu): | |
| status: | Triaged → Confirmed |
| Changed in linux (Ubuntu): | |
| status: | New → Confirmed |
| importance: | Undecided → Low |
| tags: | added: aa-kernel |
Revision history for this message
| Vincas Dargis (talkless) wrote | #1 |
Revision history for this message
| Seth Arnold (seth-arnold) wrote | #2 |
To post a comment you must log in.
This bug is rather old. Is there a progress in this? Is it relevant on latest AppArmor?