[apparmor] [patch 2/5] group network rule bits into their own file
John Johansen
john.johansen at canonical.com
Fri Aug 8 08:50:16 UTC 2014
On 08/07/2014 04:03 PM, Seth Arnold wrote:
> On Wed, Aug 06, 2014 at 05:32:46AM -0700, john.johansen at canonical.com wrote:
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
>
> I found a bug; it and other comments inline.
>
> Thanks
>
thanks Seth
>> +#include <iomanip>
>> +#include <string>
>
> Is it kosher to include both string.h and string?
>
Meh, it works. I am not to concerned with kosher atm
>> - if (protocol) {
>> - PDEBUG("Checking protocol type %s\n", network_mappings[i].protocol_name);
>> - if (strcmp(type, network_mappings[i].protocol_name) != 0)
>> - continue;
>
> Ohhhhh. Fixing this bug looks like it might affect existing profiles.
>
Maybe but you will note that the table actually has entries with protocol (udp, tcp)
in type and in protocol. All this should do is cause failures when the type
and protocol are specified. Otherwise the code biases drops protocol and uses
type
More information about the AppArmor
mailing list