[apparmor] [Bug 706733] Re: logprof and genprof don't detect socket events
Steve Beattie
sbeattie at ubuntu.com
Thu Mar 17 18:33:54 UTC 2011
Closing, apparmor 2.5.2 was released.
** Changed in: apparmor/2.5
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/706733
Title:
logprof and genprof don't detect socket events
Status in AppArmor Linux application security framework:
Fix Released
Status in AppArmor 2.5 series:
Fix Released
Bug description:
The version of AppArmor that was accepted upstream initially had
network mediation but it was removed. There's a compatibility patch
floating around that (at least) openSUSE and Ubuntu have applied to
their kernel trees to re-add support for socket operations.
This works to allow the profiles to be honored in the kernel, but one
step was overlooked. Somewhere during the upstream acceptance phase,
the naming of the socket event operations was changed to drop the
socket_ prefix. This doesn't have any effect on network mediation or
security but does mean that logprof and genprof stopped recognizing
networking events and could not suggest them during their runs.
The attached patch adds an operation type hash that can be used to
replace the simple /socket_/ checks that were used previously to
identify a a network operation. My testing shows that it is properly
detecting networking events again.
More information about the AppArmor
mailing list