FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

LinkBack Thread Tools
Old 10-31-2009, 11:18 AM
Andy Whitcroft
Default AppArmor fixes for LP#451375 LP#462824 LP#458299 LP#453335

On Fri, Oct 30, 2009 at 11:41:41AM -0700, John Johansen wrote:
> The following changes since commit 7423c4c3b22816168b912c39a0298227076854b8:
> Scott James Remnant (1):
> UBUNTU: SAUCE: trace: add trace events for open(), exec() and uselib()
> are available in the git repository at:
> kernel.ubuntu.com:/srv/kernel.ubuntu.com/git/jj/apparmor-karmic.git master

Would be more helpful for all to use the git:// form for this as then
anyone can pull and review them.

> John Johansen (4):
> UBUNTU: SAUCE: AppArmor: AppArmor wrongly reports allow perms as denied

It appears that this is a reporting issue. This is pertinant as we are
trying to encourage people to write new and fix AA profiles this would
make that pretty hard. Looks nice and simple.

Acked-by: Andy Whitcroft <apw@canonical.com>

> UBUNTU: SAUCE: AppArmor: Policy load and replacement can fail to alloc mem

Version two of this patch looks to solve the issues I was worried about
previously. There is a minor whitespace issue but other than that it
seems correct to my eye.

Acked-by: Andy Whitcroft <apw@canonical.com>

> UBUNTU: SAUCE: AppArmor: AppArmor fails to audit change_hat correctly

From my reading of the leader it appears without this patch we are
unable to use the learning mode to make new profiles. That sounds
pretty unfortuanate as we are trying to encourage new profiles to be
made to improve security. Though the patch is pretty big, the semantic
change seems pretty small correcting which name is used.

Acked-by: Andy Whitcroft <apw@canonical.com>

> UBUNTU: SAUCE: AppArmor: AppArmor disallows truncate of deleted files.

This patch looks pretty simple, only changing behaviour where file is
deleted. I understand this affects firefox so is of concern. Looks ok
to me.

Acked-by: Andy Whitcroft <apw@canonical.com>


kernel-team mailing list

Thread Tools

All times are GMT. The time now is 11:05 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org