AppArmor profiles attach to chrooted processes relative to their root
Bug #948147 reported by
Felix Geyer
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Since kernel 3.2.0-18-generic AppArmor profiles attach to processes that are started from a chroot relative to their root.
So for example I define a profile for /usr/bin/test and have a chroot /mnt/chroot with the binary /mnt/chroot/
In this case if /mnt/chroot/
Related branches
To post a comment you must log in.
This bug was fixed in the package apparmor - 2.7.101-0ubuntu1
---------------
apparmor (2.7.101-0ubuntu1) precise; urgency=low
* New upstream release. Fixes: LP: #948147 lib/apparmor/ functions: Update to support the feature directory so
* debian/
that caching will work on kernels that support the feature dir. Patch
based on work from John Johansen. LP: #954469
-- Jamie Strandboge <email address hidden> Thu, 15 Mar 2012 15:57:02 -0500