** Summary changed: - Too easy to circumvent AppArmor using btrfs snapshots + Better support btrfs snapshots
** Changed in: apparmor (Ubuntu) Importance: Medium => Low -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/484786 Title: Better support btrfs snapshots Status in “apparmor” package in Ubuntu: Confirmed Bug description: Binary package hint: apparmor I just realized that the btrfs snapshotting ioctl is usable by all users, not root as I previously assumed. This makes it concerningly easy for users on btrfs to defeat a path-based MAC framework like AppArmor. For example, consider the gdm-guest-session user. If I log into a gdm-guest-session on btrfs: (1) ls /home ==> Permission denied as expected, by AppArmor. (2) cd /tmp (3) btrfsctl -s test / (Make a snapshot of / in /tmp called test) (4) cd /tmp/test (5) Profit! Apparmor-unrestricted mirror of / in /tmp/test! As btrfs inevitably will become a mainstream filesystem, it's a good time to begin thinking about how to handle this situation. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/484786/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
