Incomplete information in AppArmorProfiles web documentation

Bug #1938672 reported by Todd Taft
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apparmor (Ubuntu)
New
Undecided
Unassigned

Bug Description

The table of profiles on the page https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/AppArmorProfiles does not have any of the footnote entries for 20.04 or 20.10. Since these footnotes are present in the table for earlier versions of Ubuntu, it implies that there have been multiple changes to AppArmor profiles in 20.04.

Example: The table shows that an AppArmor rule set exists for Apache2. For 18.04 (and earlier) releases, the table footnotes indicates that these rules are not enabled by default. The lack of footnote entries in the 20.04 (and later) release columns suggest that the AppArmor rules are enabled by default. However, even after installing the apache2 and libapache2-mod-apparmor packages, aa-status indicates that no AppArmor rules are enforced for Apache. Lengthy comments at the beginning of the /etc/apparmor.d/usr.sbin.apache2 file indicate that this is the intended behavior, and thus the table on the page mentioned in the first paragraph is incomplete.

Similar issues exist for multiple other table entries (Firefox, rsyslogd, etc.).

This is being reported as a bug because the wiki page is marked as immutable.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.