From 4c04a05996aae0ebddd90e7a0de1dc873eaf4e05 Mon Sep 17 00:00:00 2001 From: Tyler Hicks Date: Wed, 27 Jan 2016 13:38:39 -0600 Subject: [PATCH] libapparmor: Open fds may be revalidated after aa_change_profile() It is possible that file descriptors will be revalidated after an aa_change_profile() but there is a lot of complexity involved that doesn't need to be spelled out in the man page. Instead, mention that revalidation is possible but the only way to ensure that file descriptors are not passed on is to close them. Signed-off-by: Tyler Hicks Reported-by: Seth Arnold Acked-by: John Johansen --- libraries/libapparmor/doc/aa_change_profile.pod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/libapparmor/doc/aa_change_profile.pod b/libraries/libapparmor/doc/aa_change_profile.pod index 6457c334e..3cad4270c 100644 --- a/libraries/libapparmor/doc/aa_change_profile.pod +++ b/libraries/libapparmor/doc/aa_change_profile.pod @@ -48,7 +48,7 @@ If a program wants to return out of the current profile to the original profile, it may use aa_change_hat(2). Otherwise, the two profiles must have rules permitting changing between the two profiles. -Open file descriptors are not remediated after a call to aa_change_profile() +Open file descriptors may not be remediated after a call to aa_change_profile() so the calling program must close(2) open file descriptors to ensure they are not available after calling aa_change_profile(). As aa_change_profile() is typically used just before execve(2), you may want to use open(2) or
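Review bot: The replacement line "Open file descriptors may not be remediated after a call to aa_change_profile()" is ambiguous, since "may not be" can be read either as "are possibly not" (the intended meaning, per the commit message) or as "are not permitted to be"; suggest "Open file descriptors are not guaranteed to be revalidated after a call to aa_change_profile()", which also uses the term "revalidated" from the commit message instead of "remediated", keeping the man page and the commit description consistent. The unchanged context that follows ("so the calling program must close(2) open file descriptors to ensure they are not available") still correctly states that closing the descriptors is the only reliable mitigation, so no further wording change in the hunk is needed.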