[apparmor] [patch] AARE: escape exclamation mark
Seth Arnold
seth.arnold at canonical.com
Wed Jan 20 19:49:32 UTC 2016
On Wed, Jan 20, 2016 at 08:28:00PM +0100, Christian Boltz wrote:
> Hello,
>
> '!' is a reserved symbol and needs to be escaped in AARE.
>
>
> Sidenote:
> This bug went unnoticed since years. I noticed it on a server with
> AppArmor 2.8.4 where aa-logprof created an invalid profile after
> someone uploaded a file with an explanation mark in the filename.
>
>
> I propose the aa.py part of this patch for trunk, 2.10 and 2.9.
> aare.py only exists in trunk, therefore this part is trunk-only.
>
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Acked for all three and trunk as needed.
Thanks
>
> [ 64-aare-escape-exclamation-mark.diff ]
>
> --- utils/apparmor/aa.py 2016-01-07 21:50:43.035415000 +0100
> +++ utils/apparmor/aa.py 2016-01-20 20:16:19.478996074 +0100
> @@ -1205,6 +1205,7 @@
> detail = detail.replace('*', '\*')
> detail = detail.replace('{', '\{')
> detail = detail.replace('}', '\}')
> + detail = detail.replace('!', '\!')
>
> # Give Execute dialog if x access requested for
> something that's not a directory
> # For directories force an 'ix' Path dialog
> --- utils/apparmor/aare.py 2015-12-27 16:06:12.635071663 +0100
> +++ utils/apparmor/aare.py 2016-01-20 19:53:40.902819126 +0100
> @@ -83,7 +83,7 @@
> def convert_expression_to_aare(expression):
> '''convert an expression (taken from audit.log) to an AARE
> string'''
>
> - aare_escape_chars = ['\\', '?', '*', '[', ']', '{', '}', '"']
> + aare_escape_chars = ['\\', '?', '*', '[', ']', '{', '}', '"', '!']
> for char in aare_escape_chars:
> expression = expression.replace(char, '\\' + char)
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160120/5a2bc408/attachment.pgp>
More information about the AppArmor
mailing list