network rules for policy versions that don't support network rules are broken
Bug #1728123 reported by
John Johansen
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apparmor (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
| Trusty |
New
|
Undecided
|
Unassigned | ||
| Xenial |
New
|
Undecided
|
Unassigned | ||
| Zesty |
New
|
Undecided
|
Unassigned | ||
| Artful |
New
|
Undecided
|
Unassigned | ||
Bug Description
When a feature abi that does not support network rules is loaded into a kernel that does, the policy is incorrectly enforced resulting in network denials.
The kernel should be correctly enforcing the feature abi by not applying the network mediation that is explicitly not supported by the specified feature abi.
To post a comment you must log in.
