Deny access to zsh* configs in private-files

Bug #761217 reported by Felix Geyer
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apparmor (Ubuntu)
Low
Jamie Strandboge

Bug Description

Binary package hint: apparmor

AppArmor should deny access to zsh configs (like .zshrc, .zshenv, ...) in the private-files abstraction.

Related branches

Revision history for this message
Felix Geyer (debfx) wrote :
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Thanks for reporting a bug and helping to make Ubuntu better. .zshrv is already covered by:
  deny @{HOME}/.*rc mrk,
  audit deny @{HOME}/.*rc wl,

But adjusting the profile to do this seems fine:
  deny @{HOME}/.{ba,z}sh* mrk,
  audit deny @{HOME}/.{ba,z}sh* wl,

summary: - Deny access to zsh configs in private-files
+ Deny access to zsh* configs in private-files
Changed in apparmor (Ubuntu):
importance: Undecided → Low
status: New → Triaged
tags: added: patch
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Sent a reworked patch upstream.

Changed in apparmor (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
status: Triaged → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.6.1-0ubuntu3

---------------
apparmor (2.6.1-0ubuntu3) natty; urgency=low

  * debian/patches/0003-add-debian-integration-to-lighttpd.patch: updates for
    lighttpd example profile to work in Debian/Ubuntu (LP: #582814)
  * debian/patches/0004-lp754889.patch: add several image viewers to
    ubuntu-browsers.d/multimedia abstraction (LP: #754889)
  * debian/patches/0005-lp761217.patch: abstractions/private-files updates for
    zsh and several other shells (LP: #761217)
  * debian/patches/0001-add-chromium-browser.patch: fixes for multiarch and
    crash reporter (LP: #764786)
 -- Jamie Strandboge <email address hidden> Mon, 18 Apr 2011 09:23:50 -0500

Changed in apparmor (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers