aa-status doesn't report an application as unconfined when using path globbing
Bug #595714 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Triaged
|
Low
|
Unassigned | ||
apparmor (Ubuntu) |
Triaged
|
Low
|
Unassigned |
Bug Description
Binary package hint: apparmor
If I do the following:
$ sudo apparmor_parser -R /etc/apparmor.
$ evince &
$ sudo apparmor_parser -r /etc/apparmor.
$ sudo aa-status
I get:
1 processes are unconfined but have a profile defined.
/usr/bin/evince (1756)
Good.
If I do:
$ sudo apparmor_parser -R /etc/apparmor.
$ firefox &
$ sudo apparmor_parser -r /etc/apparmor.
$ sudo aa-status
I get:
0 processes are unconfined but have a profile defined.
This is because the firefox uses the following to define the pathname:
/usr/lib/
aa-status should be updated to support path name globbing.
Changed in apparmor (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → Low |
description: | updated |
tags: | added: aa-tools |
Changed in apparmor: | |
importance: | Undecided → Low |
status: | New → Triaged |
To post a comment you must log in.