Please raise the priority! It's not clear at all why we should assume that kernel hardening will guarantee that no path writable by the process in a symlink attack will be harmful. And I don't believe there is any apparmor rules for this in any case.
Because it's a security issue, it should be fixed, and not just postponed until some other security task is done.
Please raise the priority! It's not clear at all why we should assume that kernel hardening will guarantee that no path writable by the process in a symlink attack will be harmful. And I don't believe there is any apparmor rules for this in any case.
Because it's a security issue, it should be fixed, and not just postponed until some other security task is done.