ptrace read denial even though ptrace read is specified
Bug #1324533 reported by Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
AppArmor | Fix Released | Undecided | Unassigned | |
apparmor (Ubuntu) | Fix Released | High | Marc Deslauriers | |
Trusty | Triaged | High | Marc Deslauriers | |
Utopic | Fix Released | High | Marc Deslauriers | |
Bug Description
If I have this rule:
ptrace (read) peer=@{
I see this denial:
May 28 21:02:30 ubuntu-phablet kernel: [ 574.625385] type=1400 audit(140131095
This is most easily seen when using webapps on the phone.
Changed in apparmor (Ubuntu Trusty): assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in apparmor (Ubuntu Utopic): assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in apparmor (Ubuntu Trusty): importance: Undecided → High
Changed in apparmor (Ubuntu Utopic): importance: Undecided → High
Changed in apparmor (Ubuntu Trusty): status: New → Triaged
Changed in apparmor (Ubuntu Utopic): status: New → Triaged
Changed in apparmor (Ubuntu Utopic): status: Triaged → Fix Released
Changed in apparmor: status: New → Fix Released
This is a bug in the apparmor_parser's handling of escape sequences in the rule encoding. It was fixed in upstream commit r2456.