touch-packages team mailing list archive

Thread
Date

[Bug 1324533] Re: ptrace read denial even though ptrace read is specified

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Jamie Strandboge <jamie@xxxxxxxxxx>
Date: Wed, 08 Oct 2014 21:52:59 -0000
Reply-to: Bug 1324533 <1324533@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: apparmor (Ubuntu Utopic)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1324533

Title:
  ptrace read denial even though ptrace read is specified

Status in “apparmor” package in Ubuntu:
  Fix Released
Status in “apparmor” source package in Trusty:
  Triaged
Status in “apparmor” source package in Utopic:
  Fix Released

Bug description:
  If I have this rule:
  ptrace (read) peer=@{profile_name},

  I see this denial:
  May 28 21:02:30 ubuntu-phablet kernel: [  574.625385] type=1400 audit(1401310950.562:93): apparmor="DENIED" operation="ptrace" profile="com.ubuntu.developer.webapps.webapp-gmail_webapp-gmail_1.0.10" pid=2618 comm="threaded-ml" requested_mask="read" denied_mask="read" peer="com.ubuntu.developer.webapps.webapp-gmail_webapp-gmail_1.0.10"

  This is most easily seen when using webapps on the phone.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1324533/+subscriptions