touch-packages team mailing list archive

Thread
Date

[Bug 451422] Re: cannot override a generic deny rule with a more specific allow rule

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Christian Boltz <451422@xxxxxxxxxxxxxxxxxx>
Date: Wed, 17 Dec 2014 12:53:06 -0000
Reply-to: Bug 451422 <451422@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reopening / adding upstream AppArmor

** Also affects: apparmor
   Importance: Undecided
       Status: New

** Changed in: apparmor
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/451422

Title:
  cannot override a generic deny rule with a more specific allow rule

Status in AppArmor Linux application security framework:
  New
Status in apparmor package in Ubuntu:
  Won't Fix

Bug description:
  If I include abstractions/private-files-strict, it has the following line:
    audit deny @{HOME}/.mozilla/** mrwkl,

  I would expect to be able to add the following and have the cache files allowed, but it doesn't work:
    owner @{HOME}/.mozilla/**/Cache/** r,

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/451422/+subscriptions