Re: Possible CVE Request: improper AppArmor exec transition

[Jamie Strandboge <jamie () canonical com>]

On Mon, 2011-01-03 at 15:33 -0600, Jamie Strandboge wrote:
> If the policy is:
> /usr/bin/baz {
>   ...
>   /usr/bin/bar px,
>   /usr/bin/foo pux,
> }
>
> Then when baz executes /usr/bin/bar, bar will correctly run under the
> 'bar' profile if it exists, otherwise baz will receive a failed exec.
> The problem is when baz execs /usr/bin/foo, foo will run under the 'foo'
> profile if it exists (correct), otherwise baz will receive a failed exec
> (incorrect). bar should instead run unconfined. This is a bug, but not
> security relevant as the 'foo pux' rule is treated as a more strict 'foo
> px'.

This:
"bar should instead run unconfined"

should have been:
"foo should instead run unconfined"

Sorry for any confusion.

-- 
Jamie Strandboge             | http://www.canonical.com

Attachment: signature.asc
Description: This is a digitally signed message part