Viewing all changes in revision 3466.
- Committer: Tyler Hicks
- Date: 2016-05-28 16:58:41 UTC
- Revision ID: tyhicks@canonical.com-20160528165841-czsdd5f5vc91hhc7
tests: Regression tests to verify AT_SECURE across exec transitions
The AT_SECURE value in the kernel's per-process auxiliary vector is what
signals to libc that the process' environment should be scrubbed. This
new set of regression tests checks the AT_SECURE value after performing
the various types of exec transitions that AppArmor supports (file rules
with different exec access modes and change_profile rules).
Different versions of the kernel handle AT_SECURE differently with
respect to change_profile rules. This change in behavior was introduced
in the AppArmor profile stacking kernel support and the tests are
conditionalized to account for this change.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
The AT_SECURE value in the kernel's per-process auxiliary vector is what
signals to libc that the process' environment should be scrubbed. This
new set of regression tests checks the AT_SECURE value after performing
the various types of exec transitions that AppArmor supports (file rules
with different exec access modes and change_profile rules).
Different versions of the kernel handle AT_SECURE differently with
respect to change_profile rules. This change in behavior was introduced
in the AppArmor profile stacking kernel support and the tests are
conditionalized to account for this change.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
- files added:
- tests/regression/apparmor/at_secure.c
- files modified:
- tests/regression/apparmor/Makefile
expand all
collapse all
added
removed
