Apparmor appears to not restrict read-access
Bug #269921 reported by
David D Lowe
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Fix Released
|
High
|
Kees Cook |
Bug Description
After switching to the guest account using fast-user-
david@david-
total 4
drwxr-xr-x 37 david david 4096 2008-09-13 20:54 david
I'm using Ubuntu Intrepid Ibex Alpha 5.
Related branches
Changed in gdm-guest-session: | |
importance: | Undecided → Medium |
Changed in apparmor: | |
milestone: | none → ubuntu-8.10 |
To post a comment you must log in.
Yes, same problem here.
The apparmor-profile allows reading the whole filesystem and has no exception for /home/
But the specification-page says: "AppArmor rules to completely hide /home"
An other question: Why does the apparmor-profile allows to execute programs from /media/** ?