Closed GoogleCodeExporter closed 8 years ago
Original comment by ravt...@gmail.com
on 20 Nov 2012 at 3:01
Original comment by ravt...@gmail.com
on 20 Nov 2012 at 3:51
This is an invalid bug.
This bug was filed because the 'root' id within the chroot-jail could write
into /proc entries. However, this is not true for monitors since 'ae' daemon
lowers the privilege of the monitors to 'ae' user id. So, monitors, which are
children of the 'ae' daemon, will have read access, as it has been explicitly
allowed in the AppArmor policy for 'ae' binary.
Verified and reasoned this with Ravi. And hence closing it.
Original comment by toddd...@gmail.com
on 21 Nov 2012 at 2:19
Original issue reported on code.google.com by
toddd...@gmail.com
on 20 Nov 2012 at 2:37