[apparmor] [PATCH] clarify "deleted" test case
John Johansen
john.johansen at canonical.com
Thu Jul 29 11:43:23 BST 2010
On 07/26/2010 10:49 AM, Kees Cook wrote:
> On Mon, Jul 26, 2010 at 02:58:42AM -0700, John Johansen wrote:
>> On 07/25/2010 11:36 PM, Kees Cook wrote:
>>> Fixes "deleted" test case to match the documentation for the expected
>>> outcome. Adds additional positive test, fixes spelling.
>>>
>> generally looks good but again doesn't apply
>
> Try now that the rename has been committed.
>
>>
>>> genprofile $file:$okperm $socket:rw $fd_client:px -- image=$fd_client $file:$badperm $socket:rw
>>> -runchecktest "fd passing; confined client w/ w only" pass $file $socket $fd_client "delete_file"
>>> +runchecktest "fd passing; confined client w/ w only" fail $file $socket $fd_client "delete_file"
>>>
>> Hrrm, while I believe this is correct I need to spend some more time looking at it
>
> Yeah, I spent some time reviewing this since the comment about it and the
> outcome argument didn't agree. On review, it seemed like failure was the
> correct outcome (i.e. can't read the passed fd if you're not allowed to
> read it).
>
> I'll wait to commit until someone ACKs this one.
>
Alright I have gone through and verified this is the correct behavior. By default policy is
set to mediate deleted files, instead of delegate them. This means any profile the deleted file
is passed to must have an entry in its profile to access it.
I will create a few more tests that exercise both behaviors.
More information about the AppArmor
mailing list