private-files-strict and user-files abstractions should also limit access to directories

Bug #1794848 reported by Jamie Strandboge
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
AppArmor
Fix Released
Undecided
Jamie Strandboge
apparmor (Ubuntu)
Fix Released
Undecided
Jamie Strandboge
Trusty
Fix Released
Undecided
Jamie Strandboge
Xenial
Fix Released
Undecided
Jamie Strandboge
Bionic
Fix Released
Undecided
Jamie Strandboge
Cosmic
Fix Released
Undecided
Jamie Strandboge

Bug Description

This is to track the private-files-strict and user-files portion of https://bugs.launchpad.net/apparmor/+bug/1794820

Changed in apparmor (Ubuntu Trusty):
status: New → Triaged
Changed in apparmor (Ubuntu Xenial):
status: New → Triaged
Changed in apparmor (Ubuntu Bionic):
status: New → Triaged
Changed in apparmor (Ubuntu Cosmic):
status: New → Triaged
Changed in apparmor (Ubuntu Trusty):
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in apparmor (Ubuntu Xenial):
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in apparmor (Ubuntu Bionic):
assignee: nobody → Jamie Strandboge (jdstrand)
Changed in apparmor (Ubuntu Cosmic):
assignee: nobody → Jamie Strandboge (jdstrand)
status: Triaged → In Progress
Changed in apparmor:
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
Revision history for this message
Jamie Strandboge (jdstrand) wrote :
Changed in apparmor:
status: In Progress → Fix Released
summary: - private-files-strict abstraction should also limit access to directories
+ private-files-strict and user-files abstractions should also limit
+ access to directories
Revision history for this message
Jamie Strandboge (jdstrand) wrote :
Changed in apparmor (Ubuntu Cosmic):
status: In Progress → Fix Committed
Changed in apparmor (Ubuntu Trusty):
status: Triaged → In Progress
Changed in apparmor (Ubuntu Xenial):
status: Triaged → Fix Committed
Changed in apparmor (Ubuntu Bionic):
status: Triaged → Fix Committed
Changed in apparmor (Ubuntu Trusty):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.12-4ubuntu8

---------------
apparmor (2.12-4ubuntu8) cosmic; urgency=medium

  * lp1788929+1794848.patch:
    - disallow writes to thumbnailer dir (LP: #1788929)
    - disallow access to the dirs of private files (LP: #1794848)

 -- Jamie Strandboge <email address hidden> Thu, 27 Sep 2018 17:25:04 +0000

Changed in apparmor (Ubuntu Cosmic):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.10.95-0ubuntu2.6~14.04.4

---------------
apparmor (2.10.95-0ubuntu2.6~14.04.4) trusty-security; urgency=medium

  * {,14.04-}lp1788929+1794848.patch:
    - disallow writes to thumbnailer dir (LP: #1788929)
    - disallow access to the dirs of private files (LP: #1794848)

 -- Jamie Strandboge <email address hidden> Thu, 27 Sep 2018 18:38:50 +0000

Changed in apparmor (Ubuntu Trusty):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.12-4ubuntu5.1

---------------
apparmor (2.12-4ubuntu5.1) bionic-security; urgency=medium

  * lp1788929+1794848.patch:
    - disallow writes to thumbnailer dir (LP: #1788929)
    - disallow access to the dirs of private files (LP: #1794848)

 -- Jamie Strandboge <email address hidden> Thu, 27 Sep 2018 18:20:54 +0000

Changed in apparmor (Ubuntu Bionic):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.10.95-0ubuntu2.10

---------------
apparmor (2.10.95-0ubuntu2.10) xenial-security; urgency=medium

  * lp1788929+1794848.patch:
    - disallow writes to thumbnailer dir (LP: #1788929)
    - disallow access to the dirs of private files (LP: #1794848)

 -- Jamie Strandboge <email address hidden> Thu, 27 Sep 2018 18:23:46 +0000

Changed in apparmor (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.