[apparmor] [PATCH] 2/6: man page updates
John Johansen
john.johansen at canonical.com
Sun Dec 19 22:08:48 GMT 2010
On 12/19/2010 11:36 AM, Christian Boltz wrote:
> Hello,
>
> Am Sonntag, 19. Dezember 2010 schrieb Jamie Strandboge:
>> On Sun, 2010-12-19 at 07:50 -0600, Jamie Strandboge wrote:
>>> 0002-add-inverted-character.patch: parser/apparmor.d.pod: add [^]
>
>> +=item B<[^d-z]>
>> +
>> +will substitute for the single character a, b, or c
>
> Not really correct *) - it allows _everything except_ d, e, ... y, z.
> Yes, this includes a, b and c, but it also includes digits, -, _, A...Z
> etc.
>
> *) at least if it follows normal RegEx or file glob syntax - I don't
> have a system with 2.5.x to verify it. If it is based on RegEx, then it
> even allows a "/".
>
it is everything except what is explicitly listed, and in the case of
pathnames I believe we are adding an implicit [^\000] (and if we are not
we should be) just as we do for globs. eg. * == [^/\000].
The caveat is that the parser is responsible for converting the character
set matching and it is done in 8 bit lc_local encoding, which is a long
outstanding bug. We should be taking the actual encoding setting and
converting characters to the internal format.
More information about the AppArmor
mailing list