Red Hat Security Advisory 2020-5607-01 – The fapolicyd software framework introduces a form of file access control based on a user-defined policy. The application file access control feature provides one of the most efficient ways to prevent running untrusted and possibly malicious applications on the system. Bug Fix: When an update replaces the binary of a running application, the kernel modifies the application binary path in memory by appending the ” ” suffix. Previously, the fapolicyd file access policy daemon treated such applications as untrusted, and prevented them from opening and executing any other files. As a consequence, the system was sometimes unable to boot after applying updates.

Leave a comment