[apparmor] [patch] utils: fix x modifier case setting
Steve Beattie
steve at nxnw.org
Wed Aug 17 22:20:08 UTC 2011
On Wed, Aug 17, 2011 at 03:08:23PM -0700, Steve Beattie wrote:
> Basically, logprof and genprof create all execute permissions with
> the modifiers as lowercase (meaning to pass on sensitive environment
> variables to the exec'ed process) even if the user told them not to
> when prompted. This patch fixes the issue.
I should clarify, the utils were failing to set the case properly for cx
and px permissions, not for Ux. It correctly handles the Ux situation.
> I'm also nominating this fix for 2.6.
>
> --
> Steve Beattie
> <sbeattie at ubuntu.com>
> http://NxNW.org/~steve/
> ---
> utils/Immunix/AppArmor.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> Index: b/utils/Immunix/AppArmor.pm
> ===================================================================
> --- a/utils/Immunix/AppArmor.pm
> +++ b/utils/Immunix/AppArmor.pm
> @@ -2254,7 +2254,7 @@ sub handlechildren($$$) {
> my $ynans = UI_YesNo($px_mesg, $px_default);
> $ans = "CMD_$match";
> if ($ynans eq "y") {
> - $exec_mode &= ~$AA_EXEC_UNSAFE;
> + $exec_mode &= ~($AA_EXEC_UNSAFE | ($AA_EXEC_UNSAFE << $AA_OTHER_SHIFT));
> }
> } elsif ($ans eq "CMD_ux") {
> $exec_mode = str_to_mode("ux");
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110817/ba8cfdc9/attachment.pgp>
More information about the AppArmor
mailing list