new apparmor not masking directory permissions correctly
Bug #138978 reported by Kees Cook
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
apparmor (Ubuntu) | Fix Released | Undecided | Unassigned |
Bug Description
Binary package hint: apparmor
With the prior version of apparmor, directory accesses were masked to only check read access. Current AppArmor now includes write access, breaking all abstractions. Easiest test is for write access to /tmp when including the user-tmp abstraction. See attached files.
With old AppArmor (expected results):
$ /tmp/test
0
With new AppArmor (eek):
$ /tmp/test
-1
with dmesg output:
[93189.905221] audit(118954408
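The attached test program is not reproduced on this page. As an added example (not the reporter's attachment and not AppArmor project code), the following C program probes directory write permission the way the report describes: it prints 0 when write access to the directory is granted and -1 when it is denied, so it can be confined under a profile that includes the user-tmp abstraction and compared across AppArmor versions. The probe path name `aa-probe-XXXXXX` and the default directory `/tmp` are assumptions for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Probe 1: ask the kernel whether the directory is writable.
 * access(2) runs the normal permission check (including the LSM hook,
 * so an AppArmor profile that grants only 'r' on the directory makes
 * this return -1 with EACCES). Returns 0 if writable, -1 otherwise. */
int dir_write_probe(const char *dir)
{
    return access(dir, W_OK);
}

/* Probe 2: actually create and remove a file inside the directory.
 * This exercises the directory-write permission for real rather than
 * asking about it. Returns 0 on success, -1 (errno set) on failure.
 * The "aa-probe-XXXXXX" template is an assumed, illustrative name. */
int dir_create_probe(const char *dir)
{
    char path[4096];
    int fd;

    if (snprintf(path, sizeof path, "%s/aa-probe-XXXXXX", dir) >= (int)sizeof path) {
        errno = ENAMETOOLONG;
        return -1;
    }
    fd = mkstemp(path);
    if (fd < 0)
        return -1;
    close(fd);
    if (unlink(path) < 0)
        return -1;
    return 0;
}

/* Usage: ./test [directory]   (defaults to /tmp, an assumption)
 * Prints one line per probe: 0 = allowed, -1 = denied. */
int main(int argc, char **argv)
{
    const char *dir = argc > 1 ? argv[1] : "/tmp";
    int rc;

    rc = dir_write_probe(dir);
    printf("%d\n", rc);
    if (rc < 0)
        fprintf(stderr, "access(%s, W_OK): %s\n", dir, strerror(errno));

    rc = dir_create_probe(dir);
    printf("%d\n", rc);
    if (rc < 0)
        fprintf(stderr, "create in %s: %s\n", dir, strerror(errno));

    return 0;
}
```

Run unconfined first to confirm both probes print 0; then run under a profile that includes the user-tmp abstraction. With the behaviour the report describes, the old AppArmor masks the directory check down to read and both probes still succeed, while the new AppArmor also demands write permission on the directory itself and the denial shows up as -1 together with an audit line in dmesg.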