[apparmor] [patch] Error out if the log contains an exec event for a directory
kgupta8592 at gmail.com
Tue Feb 9 19:41:33 UTC 2016
On Thu, Feb 4, 2016 at 10:23 PM, Christian Boltz <apparmor at cboltz.de> wrote:
> according to the discussion with John on IRC, exec log events for
> directories should never happen, therefore let handle_children()
> raise an exception.
> [ 69-error-out-on-dir-exec.diff ]
> --- utils/apparmor/aa.py 2016-02-04 01:21:33.010848414 +0100
> +++ utils/apparmor/aa.py 2016-02-04 17:49:00.985255184 +0100
> @@ -1208,8 +1203,7 @@
> if mode & str_to_mode('x'):
> if os.path.isdir(exec_target):
> - mode = mode - apparmor.aamode.ALL_AA_EXEC_TYPE
> - mode = mode | str_to_mode('ix')
> + raise AppArmorBug('exec permissions requested for
> directory %s. This should not happen - please open a bugreport!' %
> do_execute = True
> Thanks for the patch.
Acked-by: Kshitij Gupta <kgupta8592 at gmail.com>
> Christian Boltz
> > > "Frontpage" is a M$ WYSIWYG web page creation program.
> Would you like some Wine with that ActiveX?
> You must have a different Outlook(tm) on things, I thought it was an
> Excel(tm)lent Word(tm). [>> Carl Hartung and Peter Flodin in opensuse]
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AppArmor