Deny access to zsh* configs in private-files
Bug #761217 reported by
Felix Geyer
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apparmor (Ubuntu) |
Fix Released
|
Low
|
Jamie Strandboge | ||
Bug Description
Binary package hint: apparmor
AppArmor should deny access to zsh configs (like .zshrc, .zshenv, ...) in the private-files abstraction.
Related branches
Revision history for this message
| Felix Geyer (debfx) wrote | #1 |
Revision history for this message
| Jamie Strandboge (jdstrand) wrote | #2 |
| summary: |
- Deny access to zsh configs in private-files + Deny access to zsh* configs in private-files |
| Changed in apparmor (Ubuntu): | |
| importance: | Undecided → Low |
| status: | New → Triaged |
| tags: | added: patch |
Revision history for this message
| Jamie Strandboge (jdstrand) wrote | #3 |
| Changed in apparmor (Ubuntu): | |
| assignee: | nobody → Jamie Strandboge (jdstrand) |
| status: | Triaged → In Progress |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #4 |
| Changed in apparmor (Ubuntu): | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
Thanks for reporting a bug and helping to make Ubuntu better. .zshrv is already covered by:
deny @{HOME}/.*rc mrk,
audit deny @{HOME}/.*rc wl,
But adjusting the profile to do this seems fine:
deny @{HOME}/.{ba,z}sh* mrk,
audit deny @{HOME}/.{ba,z}sh* wl,