[apparmor] [patch] apparmor-utils: Fix handling of files in / (apparmor-utils-filenames-in-slash)

Steve Beattie steve at nxnw.org
Tue Aug 16 21:35:20 UTC 2011 

On Tue, Aug 09, 2011 at 12:10:30AM +0200, Christian Boltz wrote:
> another bugfix from openSUSE:
> 
> 
> From: Jeff Mahoney <jeffm at suse.com>
> Subject: apparmor-utils: Fix handling of files in /
> References: bnc#397883
> 
>  The separate handling of files and directories with realpath is broken.                                                                                                        
> 
>  For files e.g. /foo, $dir ends up being empty since the / is eaten by
>  the regex. realpath resolves an empty argument as the current directory,
>  resulting in an incorrect path.
> 
>  There's no explanation of why the separate handling was used in the
>  first place.
> 
> Signed-off-by: Jeff Mahoney <jeffm at suse.com>

Acked-By: Steve Beattie <sbeattie at ubuntu.com>

I'm not sure why it was originally done this way, and it was added
before the source tree was moved to a public VCS. Jesse, any idea?

> From: Jeff Mahoney <jeffm at suse.com>
> Subject: apparmor-utils: Fix handling of files in /
> 
>  The separate handling of files and directories with realpath is broken.
> 
>  For files e.g. /foo, $dir ends up being empty since the / is eaten by
>  the regex. realpath resolves an empty argument as the current directory,
>  resulting in an incorrect path.
> 
>  There's no explanation of why the separate handling was used in the
>  first place.
> 
> Signed-off-by: Jeff Mahoney <jeffm at suse.com>
> ---
>  utils/Immunix/AppArmor.pm |    9 +--------
>  1 file changed, 1 insertion(+), 8 deletions(-)
> 
> --- a/utils/Immunix/AppArmor.pm
> +++ b/utils/Immunix/AppArmor.pm
> @@ -553,14 +553,7 @@ sub get_full_path ($) {
>          }
>      }
>  
> -    if (-f $path) {
> -        my ($dir, $file) = $path =~ m/^(.*)\/(.+)$/;
> -        $path = realpath($dir) . "/$file";
> -    } else {
> -        $path = realpath($path);
> -    }
> -
> -    return $path;
> +    return realpath($path);
>  }
>  
>  sub findexecutable ($) {

> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor


-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110816/4808198d/attachment.pgp>

More information about the AppArmor mailing list