mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-07 01:41:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
2424 commits 23 branches 109 tags 32 MiB
Commit graph

7 commits

Author SHA1 Message Date
Tyler Hicks
d64797e4c3 profiles: rw file perms are now needed on AF_UNIX socket files 
The AppArmor kernel now checks for both read and write permissions when
a process calls connect() on a UNIX domain socket.

The patch updates four abstractions that were found to be needing
changes after the change in AF_UNIX kernel mediation.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
 2013-12-19 23:19:40 -08:00
Tyler Hicks
28964ebe24 profiles: Allow full D-Bus access in system and session abstractions 
Before D-Bus mediation support was added to AppArmor, the dbus and
dbus-session abstractions granted full access to the system and session
buses, respectively.

In order to continue granting full access to those buses, bus-specific
D-Bus mediation rules need to be added to the abstractions.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
 2013-12-19 23:17:10 -08:00
Jamie Strandboge
20f117500f update for /var/run -> /run udev transition. For compatibility, distributions 
(eg Ubuntu) are providing a symlink from /var/run to /run, so our profiles
should handle both situations.
 2011-07-14 07:57:57 -05:00
Kees Cook
723a20ba7d as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
Jamie Strandboge
24e3b5296e tighten up the dbus abstractions 2010-08-03 12:04:37 -05:00
Jamie Strandboge
694c9916b9 pull in Ubuntu updates to profiles/apparmor.d 2009-11-04 14:25:42 -06:00
Seth Arnold
8621cb193a some new abstractions from Mathias Gug 2007-08-27 23:49:51 +00:00