ptrace doesnt't trigger/work as expected
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apparmor (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
Hi,
we looked into a discussion [1] which was triggered by [2].
For Ubunutu all these features existed for quite a while, so since [3] we had [4].
So I was looking into dropping [4] later on in favor of the fix in [1].
But while doing so I was puzzles why things even work.
I discussed with jjohansen and ptrace rules should have a traced and trace "end" of the rule.
Our old change was not as restrictive as the better change now suggested, but it had both ends.
While quickly trying to check on this we found that it actually works with just one side of the rules, but it shouldn't.
Jjohansen said he will look into that and get back to us, this bug is to allow everybody involved to track this.
[1]: https:/
[2]: https:/
[3]: https:/
[4]: https:/
| Christian Ehrhardt (paelzer) wrote | #1 |
| John Johansen (jjohansen) wrote | #2 |
| John Johansen (jjohansen) wrote | #3 |
I see more and more ptrace changes in upstream libvirt now that 4.13 is out.
I expect signal related changes when 4.14 is there.
So I beg your pardon for pinging here, having a see a glimpse of your list of bugs - but any chance of updates to this one?