kernel-packages team mailing list archive

Thread
Date

[Bug 1202161] Re: seccomp filter: execve(): Operation not permitted

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Cédric VINCENT <cedric.vincent@xxxxxxxxx>
Date: Mon, 12 Aug 2013 13:37:06 -0000
Reply-to: Bug 1202161 <1202161@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Actually, it's simpler than that.  The following three lines were
integrated back to "security/apparmor/domain.c" by error:

	/* XXX: no_new_privs is not usable with AppArmor yet */
	if (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)
		return -EPERM;

Technically, these three lines were deprecated by commit c29bceb3.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1202161

Title:
  seccomp filter: execve(): Operation not permitted

Status in “linux” package in Ubuntu:
  Incomplete

Bug description:
  === System information ===

  $ cat /proc/version_signature
  Ubuntu 3.8.0-19.13-lowlatency 3.8.8

  $ lsb_release -d
  Description: Ubuntu 13.04

  
  === How to reproduce ===

  $ gcc seccomp-filter.c
  $ ./a.out

  
  === Expected output ===

  OK

  
  === Actual output ===

  execve(): Operation not permitted
  status = -1

  
  === Extra information ===

  This testcase works with "vanilla" kernels (tested: v3.8 & v3.10)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1202161/+subscriptions

References

[Bug 1202161] [NEW] seccomp filter: execve(): Operation not permitted
From: Cédric VINCENT, 2013-07-17