Snappy

shell's test gives false positive on readability of files

Bug #1748510 reported by Marco Trevisan (Treviño) on 2018-02-09

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Snappy	Won't Fix	Undecided	Unassigned

Bug Description

If inside any snap run --shell I do:

test -r /home/$USER/.bashrc && echo true

The output is true, although I'm not able to read that file... Of course I can't get its content and thus sandbox works, but it would be nice to be able to check this properly using standard sh tools (I'm using something like `head -c0 /home/$USER/out.ogv &> /dev/null && echo true`).

Revision history for this message

Maciej Borzecki (maciek-borzecki) wrote on 2018-02-12:

My guess would be that `test` does a stat() and checks st_mode against provided flags, so it's like only reading the metadata. The actual blocking/sandboxing happens on calls that have side effects on the real data, eg. open().

Revision history for this message

Seth Arnold (seth-arnold) wrote on 2018-02-13:

AppArmor intentionally does not mediate access(2) and similar system calls. While it might be feasible to give results for files, giving results for a directory would be error-prone.

We chose to err on the side of saying access(2) does not reflect AppArmor's mediation for the simplicity of the mental model.

Thanks

Revision history for this message

Zygmunt Krynicki (zyga) wrote on 2019-10-15:

As was explained above apparmor and the sandbox in general doesn't pretend to change UNIX permissions that access(2) is based on. Unless we plan to do library or syscall intercepts I don't think we can fix it.

Changed in snappy:
status:	New → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.