2013-07-02 17:40:07 |
Jamie Strandboge |
bug |
|
|
added bug |
2013-07-02 17:40:33 |
Jamie Strandboge |
description |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work may allow for AppArmor IPC to handle this without modifications to the SDK. |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work may allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04. |
|
2013-07-02 17:40:47 |
Jamie Strandboge |
description |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work may allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04. |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work may allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. |
|
2013-07-02 17:40:57 |
Jamie Strandboge |
tags |
|
application-confinement |
|
2013-07-02 17:41:06 |
Jamie Strandboge |
bug task added |
|
apparmor-easyprof-ubuntu (Ubuntu) |
|
2013-07-02 18:09:35 |
Jamie Strandboge |
bug task added |
|
apparmor (Ubuntu) |
|
2013-07-02 18:09:45 |
Jamie Strandboge |
apparmor (Ubuntu): status |
New |
In Progress |
|
2013-07-02 18:09:55 |
Jamie Strandboge |
apparmor (Ubuntu): assignee |
|
John Johansen (jjohansen) |
|
2013-07-02 18:11:47 |
Jamie Strandboge |
description |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work may allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work will allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. |
|
2013-07-02 18:11:55 |
Jamie Strandboge |
apparmor (Ubuntu): milestone |
|
later |
|
2013-07-02 18:13:26 |
Jamie Strandboge |
description |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work will allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work will allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. I recommend fixing this bug after the other SDK bugs I filed today, then talk to the security team before fixing this bug since it is possible we will have something for 13.10 that doesn't require altering the SDK. |
|
2013-07-09 08:03:19 |
Juhapekka Piiroinen |
ubuntu-qtcreator-plugins: assignee |
|
Timo Jyrinki (timo-jyrinki) |
|
2013-07-22 18:36:55 |
Alberto Mardegan |
bug |
|
|
added subscriber Alberto Mardegan |
2013-07-31 10:13:57 |
Juhapekka Piiroinen |
affects |
ubuntu-qtcreator-plugins |
ubuntu-ui-toolkit |
|
2013-08-01 06:28:30 |
Timo Jyrinki |
bug task added |
|
qtwebkit-opensource-src (Ubuntu) |
|
2013-08-15 23:08:49 |
Jamie Strandboge |
ubuntu-ui-toolkit: assignee |
Timo Jyrinki (timo-jyrinki) |
|
|
2013-08-15 23:09:03 |
Jamie Strandboge |
qtwebkit-opensource-src (Ubuntu): assignee |
|
Christian Dywan (kalikiana) |
|
2013-09-04 03:27:23 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Saucy |
|
2013-09-04 03:27:23 |
Jamie Strandboge |
bug task added |
|
apparmor (Ubuntu Saucy) |
|
2013-09-04 03:27:23 |
Jamie Strandboge |
bug task added |
|
qtwebkit-opensource-src (Ubuntu Saucy) |
|
2013-09-04 03:27:23 |
Jamie Strandboge |
bug task added |
|
apparmor-easyprof-ubuntu (Ubuntu Saucy) |
|
2013-09-04 03:27:54 |
Jamie Strandboge |
apparmor-easyprof-ubuntu (Ubuntu Saucy): status |
New |
Triaged |
|
2013-09-04 03:28:03 |
Jamie Strandboge |
nominated for series |
|
Ubuntu T-series |
|
2013-09-04 03:28:03 |
Jamie Strandboge |
bug task added |
|
apparmor (Ubuntu T-series) |
|
2013-09-04 03:28:03 |
Jamie Strandboge |
bug task added |
|
qtwebkit-opensource-src (Ubuntu T-series) |
|
2013-09-04 03:28:03 |
Jamie Strandboge |
bug task added |
|
apparmor-easyprof-ubuntu (Ubuntu T-series) |
|
2013-09-04 03:28:27 |
Jamie Strandboge |
apparmor (Ubuntu T-series): status |
New |
In Progress |
|
2013-09-04 03:28:27 |
Jamie Strandboge |
apparmor (Ubuntu T-series): assignee |
|
John Johansen (jjohansen) |
|
2013-09-04 03:28:45 |
Jamie Strandboge |
apparmor (Ubuntu Saucy): status |
In Progress |
Won't Fix |
|
2013-09-04 03:28:45 |
Jamie Strandboge |
apparmor (Ubuntu Saucy): milestone |
later |
|
|
2013-09-04 03:28:45 |
Jamie Strandboge |
apparmor (Ubuntu Saucy): assignee |
John Johansen (jjohansen) |
|
|
2013-09-04 11:18:18 |
Jamie Strandboge |
qtwebkit-opensource-src (Ubuntu Saucy): importance |
Undecided |
High |
|
2013-09-16 15:17:29 |
Jamie Strandboge |
description |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>').
Future work will allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. I recommend fixing this bug after the other SDK bugs I filed today, then talk to the security team before fixing this bug since it is possible we will have something for 13.10 that doesn't require altering the SDK. |
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app_pkgname>") instead of shm_open("WK2SharedMemory") where '<app_pkgname>' is the "name" field in the Click manifest (see bug #1197037 for details).
Future work will allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. I recommend fixing this bug after the other SDK bugs I filed today, then talk to the security team before fixing this bug since it is possible we will have something for 13.10 that doesn't require altering the SDK. |
|
2013-09-16 16:01:10 |
Pat McGowan |
bug |
|
|
added subscriber Pat McGowan |
2013-09-17 09:20:42 |
Alan Pope πΊπ§π± π¦ |
bug |
|
|
added subscriber Alan Pope γ |
2013-10-11 15:56:58 |
Jamie Strandboge |
apparmor-easyprof-ubuntu (Ubuntu Saucy): status |
Triaged |
Won't Fix |
|
2013-10-11 15:57:10 |
Jamie Strandboge |
apparmor-easyprof-ubuntu (Ubuntu T-series): status |
New |
Confirmed |
|
2013-10-14 11:32:00 |
chenwencai |
apparmor-easyprof-ubuntu (Ubuntu): assignee |
|
chenwencai (13738772233-a) |
|
2013-10-14 11:32:51 |
chenwencai |
apparmor-easyprof-ubuntu (Ubuntu T-series): status |
Confirmed |
New |
|
2013-10-14 11:32:51 |
chenwencai |
apparmor-easyprof-ubuntu (Ubuntu T-series): assignee |
|
chenwencai (13738772233-a) |
|
2013-10-14 11:33:13 |
chenwencai |
apparmor-easyprof-ubuntu (Ubuntu Saucy): assignee |
|
chenwencai (13738772233-a) |
|
2013-10-14 13:45:15 |
Dmitry Shachnev |
apparmor-easyprof-ubuntu (Ubuntu): assignee |
chenwencai (13738772233-a) |
|
|
2013-10-14 13:45:34 |
Dmitry Shachnev |
apparmor-easyprof-ubuntu (Ubuntu Saucy): assignee |
chenwencai (13738772233-a) |
|
|
2013-10-14 13:45:57 |
Dmitry Shachnev |
apparmor-easyprof-ubuntu (Ubuntu T-series): assignee |
chenwencai (13738772233-a) |
|
|
2013-10-17 17:12:03 |
Launchpad Janitor |
qtwebkit-opensource-src (Ubuntu): status |
New |
Confirmed |
|
2013-10-17 17:12:03 |
Launchpad Janitor |
apparmor-easyprof-ubuntu (Ubuntu T-series): status |
New |
Confirmed |
|
2013-10-17 17:12:03 |
Launchpad Janitor |
qtwebkit-opensource-src (Ubuntu T-series): status |
New |
Confirmed |
|
2013-12-12 17:58:09 |
Jamie Strandboge |
qtwebkit-opensource-src (Ubuntu Saucy): status |
Confirmed |
Won't Fix |
|
2013-12-12 17:59:11 |
Jamie Strandboge |
qtwebkit-opensource-src (Ubuntu Trusty): status |
Confirmed |
Won't Fix |
|
2014-03-27 15:10:41 |
Jamie Strandboge |
apparmor-easyprof-ubuntu (Ubuntu Trusty): status |
Confirmed |
Won't Fix |
|
2014-03-27 15:10:58 |
Jamie Strandboge |
apparmor-easyprof-ubuntu (Ubuntu): status |
Triaged |
Won't Fix |
|
2014-03-27 15:11:16 |
Jamie Strandboge |
qtwebkit-opensource-src (Ubuntu): status |
Confirmed |
Won't Fix |
|
2014-03-27 15:11:32 |
Jamie Strandboge |
apparmor (Ubuntu Trusty): status |
In Progress |
Won't Fix |
|
2014-03-27 15:11:58 |
Jamie Strandboge |
bug task deleted |
ubuntu-ui-toolkit |
|
|
2014-04-04 13:54:04 |
Daniel Holbach |
bug |
|
|
added subscriber Daniel Holbach |
2014-09-26 22:08:56 |
Jamie Strandboge |
apparmor (Ubuntu): assignee |
John Johansen (jjohansen) |
Jamie Strandboge (jdstrand) |
|
2014-09-29 15:50:22 |
Launchpad Janitor |
apparmor-easyprof-ubuntu (Ubuntu): status |
Won't Fix |
Fix Released |
|
2014-10-09 19:39:45 |
Jamie Strandboge |
apparmor (Ubuntu): assignee |
Jamie Strandboge (jdstrand) |
|
|
2014-10-09 19:41:44 |
Jamie Strandboge |
apparmor (Ubuntu): importance |
Undecided |
Medium |
|
2014-10-09 20:40:25 |
Jamie Strandboge |
tags |
application-confinement |
aa-feature application-confinement |
|
2014-10-09 21:33:23 |
Jamie Strandboge |
apparmor (Ubuntu): status |
In Progress |
Won't Fix |
|
2014-10-09 21:33:27 |
Jamie Strandboge |
apparmor (Ubuntu): importance |
Medium |
Undecided |
|
2014-10-30 08:41:25 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/apparmor-easyprof-ubuntu |
|