[apparmor] [patch] Fix missing profile init in create_new_profile()
Kshitij Gupta
kgupta8592 at gmail.com
Sun Oct 18 19:44:16 UTC 2015
Hello,
On Sun, Oct 18, 2015 at 9:04 PM, Christian Boltz <apparmor at cboltz.de> wrote:
> Hello,
>
> create_new_profile() didn't init missing required_hats as
> profile_storage(), which might lead to crashes when creating a profile
> for an application listed in the required_hats config option (= in very
> rare cases).
>
Did you encounter one or figured it out? ;-)
> This patch adds the missing profile_storage() call.
>
>
> [ 96-fix-missing-profile-init-in-create_new_profile.diff ]
>
> --- utils/apparmor/aa.py 2015-10-18 17:16:04.009741472 +0200
> +++ utils/apparmor/aa.py 2015-10-18 17:25:17.953411183 +0200
> @@ -502,6 +502,8 @@
> for hatglob in cfg['required_hats'].keys():
> if re.search(hatglob, localfile):
> for hat in sorted(cfg['required_hats'][hatglob].split()):
> + if not local_profile.get(hat, False):
> + local_profile[hat] = profile_storage()
> local_profile[hat]['flags'] = 'complain'
>
> if not is_stub:
>
> Thanks for the patch.
Acked-by: Kshitij Gupta <kgupta8592 at gmail.com>.
> Regards,
>
> Christian Boltz
> --
> <prusnak> i am not going to use obs instead of mediawiki just
> because i can edit descriptions of the packages, right?
> [from #opensuse-project]
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>
--
Regards,
Kshitij Gupta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20151019/68b79804/attachment.html>
More information about the AppArmor
mailing list