** Also affects: dhcp3 (Ubuntu Quantal)
Importance: High
Status: Triaged
** Also affects: firefox (Ubuntu Quantal)
Importance: Undecided
Status: Confirmed
** Also affects: apport (Ubuntu Quantal)
Importance: Undecided
Status: Triaged
** Also affects: apparmor (Ubuntu Quantal)
Importance: Undecided
Status: Triaged
** Also affects: cups (Ubuntu Quantal)
Importance: Undecided
Status: Confirmed
** Also affects: chromium-browser (Ubuntu Quantal)
Importance: Undecided
Status: Confirmed
** Also affects: isc-dhcp (Ubuntu Quantal)
Importance: High
Status: Triaged
** Also affects: dhcp3 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: firefox (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: apport (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: cups (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: chromium-browser (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: isc-dhcp (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: dhcp3 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: firefox (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: apport (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: cups (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: chromium-browser (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: isc-dhcp (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: dhcp3 (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: firefox (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: apport (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: cups (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: chromium-browser (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: isc-dhcp (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: dhcp3 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: firefox (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: apport (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: cups (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: chromium-browser (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: isc-dhcp (Ubuntu Lucid)
Importance: Undecided
Status: New
** Changed in: isc-dhcp (Ubuntu Natty)
Status: New => Triaged
** Changed in: isc-dhcp (Ubuntu Natty)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: isc-dhcp (Ubuntu Oneiric)
Status: New => Triaged
** Changed in: isc-dhcp (Ubuntu Oneiric)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: isc-dhcp (Ubuntu Precise)
Status: New => Triaged
** Changed in: isc-dhcp (Ubuntu Precise)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: isc-dhcp (Ubuntu Quantal)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: isc-dhcp (Ubuntu Lucid)
Status: New => Invalid
** Changed in: dhcp3 (Ubuntu Natty)
Status: New => Invalid
** Changed in: dhcp3 (Ubuntu Oneiric)
Status: New => Invalid
** Changed in: dhcp3 (Ubuntu Precise)
Status: New => Invalid
** Changed in: dhcp3 (Ubuntu Quantal)
Status: Triaged => Invalid
** Changed in: dhcp3 (Ubuntu Lucid)
Importance: Undecided => High
** Changed in: dhcp3 (Ubuntu Lucid)
Status: New => Triaged
** Changed in: dhcp3 (Ubuntu Quantal)
Importance: High => Undecided
** Changed in: apport (Ubuntu Lucid)
Status: New => Triaged
** Changed in: apport (Ubuntu Natty)
Status: New => Triaged
** Changed in: apport (Ubuntu Oneiric)
Status: New => Triaged
** Changed in: apport (Ubuntu Precise)
Status: New => Triaged
** Changed in: apparmor (Ubuntu Lucid)
Status: New => Invalid
** Changed in: apparmor (Ubuntu Natty)
Status: New => Triaged
** Changed in: apparmor (Ubuntu Oneiric)
Status: New => Triaged
** Changed in: apparmor (Ubuntu Precise)
Status: New => Triaged
** Changed in: chromium-browser (Ubuntu Lucid)
Status: New => Confirmed
** Changed in: chromium-browser (Ubuntu Natty)
Status: New => Confirmed
** Changed in: chromium-browser (Ubuntu Oneiric)
Status: New => Confirmed
** Changed in: chromium-browser (Ubuntu Precise)
Status: New => Confirmed
** Changed in: firefox (Ubuntu Lucid)
Status: New => Confirmed
** Changed in: firefox (Ubuntu Natty)
Status: New => Confirmed
** Changed in: firefox (Ubuntu Oneiric)
Status: New => Confirmed
** Changed in: firefox (Ubuntu Precise)
Status: New => Confirmed
** Changed in: cups (Ubuntu Lucid)
Status: New => Confirmed
** Changed in: cups (Ubuntu Natty)
Status: New => Confirmed
** Changed in: cups (Ubuntu Oneiric)
Status: New => Confirmed
** Changed in: cups (Ubuntu Precise)
Status: New => Confirmed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1045986
Title:
Ubuntu AppArmor policy is too lenient with shell scripts
Status in “apparmor” package in Ubuntu:
Triaged
Status in “apport” package in Ubuntu:
Triaged
Status in “chromium-browser” package in Ubuntu:
Confirmed
Status in “cups” package in Ubuntu:
Confirmed
Status in “dhcp3” package in Ubuntu:
Invalid
Status in “firefox” package in Ubuntu:
Confirmed
Status in “isc-dhcp” package in Ubuntu:
Triaged
Status in “apparmor” source package in Lucid:
Invalid
Status in “apport” source package in Lucid:
Triaged
Status in “chromium-browser” source package in Lucid:
Confirmed
Status in “cups” source package in Lucid:
Confirmed
Status in “dhcp3” source package in Lucid:
Triaged
Status in “firefox” source package in Lucid:
Confirmed
Status in “isc-dhcp” source package in Lucid:
Invalid
Status in “apparmor” source package in Natty:
Triaged
Status in “apport” source package in Natty:
Triaged
Status in “chromium-browser” source package in Natty:
Confirmed
Status in “cups” source package in Natty:
Confirmed
Status in “dhcp3” source package in Natty:
Invalid
Status in “firefox” source package in Natty:
Confirmed
Status in “isc-dhcp” source package in Natty:
Triaged
Status in “apparmor” source package in Oneiric:
Triaged
Status in “apport” source package in Oneiric:
Triaged
Status in “chromium-browser” source package in Oneiric:
Confirmed
Status in “cups” source package in Oneiric:
Confirmed
Status in “dhcp3” source package in Oneiric:
Invalid
Status in “firefox” source package in Oneiric:
Confirmed
Status in “isc-dhcp” source package in Oneiric:
Triaged
Status in “apparmor” source package in Precise:
Triaged
Status in “apport” source package in Precise:
Triaged
Status in “chromium-browser” source package in Precise:
Confirmed
Status in “cups” source package in Precise:
Confirmed
Status in “dhcp3” source package in Precise:
Invalid
Status in “firefox” source package in Precise:
Confirmed
Status in “isc-dhcp” source package in Precise:
Triaged
Status in “apparmor” source package in Quantal:
Triaged
Status in “apport” source package in Quantal:
Triaged
Status in “chromium-browser” source package in Quantal:
Confirmed
Status in “cups” source package in Quantal:
Confirmed
Status in “dhcp3” source package in Quantal:
Invalid
Status in “firefox” source package in Quantal:
Confirmed
Status in “isc-dhcp” source package in Quantal:
Triaged
Bug description:
Dan Rosenberg has blogged about some AppArmor profile weaknesses in Ubuntu:
http://blog.azimuthsecurity.com/2012/09/poking-holes-in-apparmor-profiles.html
This bug will track the work needed to fix them. This is a
continuation of bug #851986, except for PATH and shell scripts.
Unfortunately, until we have proper environment filtering support in
AppArmor, we will have to employ more bandaids-- specifically, either
eliminating Ux/sanitized helper on shell scripts or adjusting those
shell scripts to explicitly set their PATH. The good news is that
environment filtering is on the AppArmor roadmap, and it something we
will be targeting in the future releases. I filed bug #1045985 to more
easily track the progress of that work.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1045986/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
