-
Steve Beattie authored
Add infrastructure for calling the mount test binary with an fstype instead of using the default hardcoded ext2 type, and then use that in a test that exercises CVE-2016-1585, ensuring that mounting a procfs filesystem isn't permitted when the only mount rule is mount options=(rw,make-slave) -> **, to try to ensure that the generated and enforced policy is restricted to what is intended. Signed-off-by: Steve Beattie <steve.beattie@canonical.com> Bug: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1597017 MR: !1211