From 3dfebc380d896628253ee8105d0de92cc469d55f Mon Sep 17 00:00:00 2001
From: Steve Beattie <sbeattie@ubuntu.com>
Date: Wed, 17 Aug 2011 16:28:15 -0700
Subject: [PATCH] Merge from trunk rev 1789: logprof and genprof were creating
 Px and Cx execute permissions with the modifiers as lowercase (meaning to
 pass on sensitive environment variables to the exec'ed process) even if the
 user told them not to when prompted. This patch fixes the issue.

Nominated-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
---
 utils/Immunix/AppArmor.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/Immunix/AppArmor.pm b/utils/Immunix/AppArmor.pm
index 0ffb4ccd0..e12fdc2e4 100755
--- a/utils/Immunix/AppArmor.pm
+++ b/utils/Immunix/AppArmor.pm
@@ -2257,7 +2257,7 @@ sub handlechildren($$$) {
                                 my $ynans = UI_YesNo($px_mesg, $px_default);
 				$ans = "CMD_$match";
                                 if ($ynans eq "y") {
-                                    $exec_mode &= ~$AA_EXEC_UNSAFE;
+                                    $exec_mode &= ~($AA_EXEC_UNSAFE | ($AA_EXEC_UNSAFE << $AA_OTHER_SHIFT));
                                 }
                             } elsif ($ans eq "CMD_ux") {
 				$exec_mode = str_to_mode("ux");