Public bug reported: When using nested namespaces, policy within the nested namespace is trying to cross validate with policy outside of the namespace that is not visible to it. This results in the access being denied, with no way to add a rule to policy that would allow it.

** Affects: apparmor (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete

** Affects: apparmor (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Yakkety)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Yakkety)
     Importance: Undecided
         Status: New

** Affects: apparmor (Ubuntu Zesty)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Zesty)
     Importance: Undecided
         Status: Incomplete

** Also affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

** Also affects: apparmor (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Also affects: linux (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Also affects: apparmor (Ubuntu Zesty)
     Importance: Undecided
         Status: New

** Also affects: linux (Ubuntu Zesty)
     Importance: Undecided
         Status: New

** Also affects: apparmor (Ubuntu Yakkety)
     Importance: Undecided
         Status: New

** Also affects: linux (Ubuntu Yakkety)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1660832

Title:
  unix domain socket cross permission check failing with nested namespaces

Status in apparmor package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Incomplete
Status in apparmor source package in Xenial:
  New
Status in linux source package in Xenial:
  New
Status in apparmor source package in Yakkety:
  New
Status in linux source package in Yakkety:
  New
Status in apparmor source package in Zesty:
  New
Status in linux source package in Zesty:
  Incomplete