apparmor_parser should reject pivot_root rules containing non-directory arguments
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| AppArmor |
Triaged
|
Low
|
Unassigned | ||
| apparmor (Ubuntu) |
Triaged
|
Low
|
Unassigned | ||
Bug Description
The pivot_root rule arguments corresponding to pivot_root(2)'s put_old and new_root arguments must always end with a '/' character. This is due to the paths being directories and not regular files. If the paths do not end in a '/', the kernel will fail to match the paths during a pivot_root(2) and the pivot will always be denied.
I think that the parser should reject all pivot_root rules containing paths that do not end in '/', to avoid the confusion at run-time.
Here's a simple test case that should fail:
$ echo "/t { pivot_root oldroot=/new/old /new, }" | apparmor_parser -qQ
Here's a simple test case that should pass:
$ echo "/t { pivot_root oldroot=/new/old/ /new/, }" | apparmor_parser -qQ
Currently, both test result in apparmor_parser returning 0.
| tags: | added: aa-parser |
| Changed in apparmor: | |
| status: | New → Triaged |
| importance: | Undecided → Low |
