a change_profile rule with an exec condition allows for a direct changeprofile operation
Bug #1584165 reported by
Tyler Hicks
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| AppArmor |
Triaged
|
High
|
Tyler Hicks | ||
| apparmor (Ubuntu) |
Triaged
|
High
|
Tyler Hicks | ||
Bug Description
The sequence of commands below should not succeed. They show that the parser is incorrectly encoding a change_profile rule with an exec condition to allow a direct changeprofile operation without the exec condition being satisfied.
$ echo "profile nt { file, signal, unix, }" | sudo apparmor_parser -qr
$ echo "profile test { file, signal, unix, change_profile /does/not/exist -> nt, }" | sudo apparmor_parser -qr
$ aa-exec -p test -- bash
$ cat /proc/self/
test (enforce)
# IMPORTANT: This command should fail instead of allowing the process confined
# by the # "test" profile change to the "nt" profile without an exec
$ echo "changeprofile nt" > /proc/self/
$ cat /proc/self/
nt (enforce)
| description: | updated |
| Changed in apparmor: | |
| assignee: | nobody → Tyler Hicks (tyhicks) |
| importance: | Undecided → High |
| status: | New → Triaged |
| Changed in apparmor (Ubuntu): | |
| importance: | Undecided → High |
| tags: | added: aa-parser |
To post a comment you must log in.
