change_profile doesn't work with audit or deny qualifiers
Bug #1434018 reported by
John Johansen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Confirmed
|
Low
|
Unassigned | ||
apparmor (Ubuntu) |
Confirmed
|
Low
|
Unassigned |
Bug Description
The change_profile permission does not allow the audit, allow, or deny qualifiers to be specified as part of policy.
All of these rules will fail
allow change_profile -> b,
deny change_profile -> b,
audit change_profile -> b,
Also change_profile does not currently support specifying just the keyword to indicate all permissions options. ie.
change_profile,
Changed in apparmor (Ubuntu): | |
status: | New → Confirmed |
importance: | Undecided → Low |
Changed in apparmor: | |
status: | New → Confirmed |
importance: | Undecided → Low |
tags: | added: aa-parser |
To post a comment you must log in.