group.of.nepali.translators team mailing list archive
Message #12595
[Bug 1588069] Re: parser doesn't catch conflicting change_profile exec modes (safe/unsafe)
This was fixed in Ubuntu 16.04 LTS in apparmor 2.10.95-0ubuntu2.2
(including the changes in 2.10.95-0ubuntu2.1, which was superseded in
xenial-proposed by 2.10.95-0ubuntu2.2). Marking that task closed.
** Changed in: apparmor (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1588069
Title:
parser doesn't catch conflicting change_profile exec modes
(safe/unsafe)
Status in AppArmor:
Fix Released
Status in apparmor package in Ubuntu:
Fix Released
Status in apparmor source package in Xenial:
Fix Released
Bug description:
[Impact]
Applications which use libapparmor's aa_change_onexec() to set up an
AppArmor profile transition across an upcoming exec() could not pre-
initialize the environment up until the upstream fix for bug #1584069
was in place. That upstream fix had a flaw in that conflicting
safe/unsafe change_profile transitions were allowed by
apparmor_parser. apparmor_parser should detect conflicting rules and
fail to compile the profile.
[Test Case]
The upstream fix for this bug includes exhaustive tests for
conflicting safe/unsafe change_profile transitions. These tests run at
build time.
If a manual test is desired, see the original report below for steps.
[Regression Potential]
Regression potential for this change is small since it is actually a
bug fix for the changes introduced in bug #1584069. The regression
potential for the changes for bug #1584069 is considerable and listed
in that bug report.
[Original Report]
The ability to specify change_profile exec modes (safe/unsafe) is a
recently merged feature. A missing piece is that the parser doesn't
detect conflicting exec modes on the same exec condition. The
following profile should fail to compile:
  /t {
    change_profile safe /foo -> /bar,
    change_profile unsafe /foo -> /bar,
  }
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1588069/+subscriptions
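
The conflict described in the original report can also be checked outside the parser. The following is an added example, not apparmor_parser's code and not part of the bug report: a simplified lint that flags change_profile rules carrying both safe and unsafe on the same exec condition and target within one profile. It assumes one rule per line and compares conditions as literal strings (no glob overlap analysis); the function name and the second sample profile are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches: change_profile (safe|unsafe) <exec condition> -> <target>,
RULE = re.compile(
    r"^\s*change_profile\s+(safe|unsafe)\s+(\S+)\s*->\s*(\S+?)\s*,\s*$"
)

# Profile from the original report: must be rejected.
REPORT_PROFILE = """\
/t {
  change_profile safe /foo -> /bar,
  change_profile unsafe /foo -> /bar,
}
"""

# Constructed sample: different exec conditions, so no conflict.
CONSTRUCTED_OK = """\
/t {
  change_profile safe /foo -> /bar,
  change_profile unsafe /baz -> /bar,
}
"""


def find_conflicts(profile_text):
    """Return sorted (profile, exec_cond, target) keys that carry both modes."""
    modes = defaultdict(set)
    scope = []  # stack of enclosing profile names (hypothetical labelling)
    for raw in profile_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and #include lines
        if line.endswith("{"):
            scope.append(line[:-1].strip())
        elif line == "}":
            if scope:
                scope.pop()
        else:
            m = RULE.match(line)
            if m:
                mode, cond, target = m.groups()
                modes[("//".join(scope), cond, target)].add(mode)
    return sorted(k for k, seen in modes.items() if seen == {"safe", "unsafe"})


if __name__ == "__main__":
    for name, text in (("report", REPORT_PROFILE), ("ok", CONSTRUCTED_OK)):
        hits = find_conflicts(text)
        print(name, "CONFLICT" if hits else "clean", hits)
```
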