** Visibility changed to: Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/975901
Title:
guest session is not confined by apparmor
Status in “lightdm” package in Ubuntu:
New
Bug description:
When running a guest session, I noticed I could access the home directories
of other users on the system.
aa-status showed the guest session process was not confined by apparmor.
25 profiles are in enforce mode
/usr/lib/lightdm/lightdm-guest-session-wrapper
/etc/apparmor.d/lightdm-guest-session has
"/usr/lib/lightdm/lightdm-guest-session-wrapper {"
However, the actual guest session wrapper script is shipped in
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper.
After I changed /etc/apparmor.d/lightdm-guest-session to point to the
correct location of the wrapper, the guest session was correctly
confined, as shown with aa-status, and access to other home
directories was properly denied.
81 processes are in enforce mode.
/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper (5217)
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: lightdm 1.2.0-0ubuntu1
ProcVersionSignature: Ubuntu 3.2.0-22.35-generic 3.2.14
Uname: Linux 3.2.0-22-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0-0ubuntu4
Architecture: amd64
Date: Sat Apr 7 13:45:14 2012
EcryptfsInUse: Yes
ProcEnviron:
TERM=xterm
PATH=(custom, user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: lightdm
UpgradeStatus: Upgraded to precise on 2012-02-18 (49 days ago)
mtime.conffile..etc.apparmor.d.lightdm.guest.session: 2012-04-07T12:42:00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/975901/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
