[apparmor] [patch] Drop safety net for network rules in parse_profile_data()
Seth Arnold
seth.arnold at canonical.com
Tue Jul 11 00:08:32 UTC 2017
On Sun, Jul 09, 2017 at 12:18:16PM +0200, Christian Boltz wrote:
> Hello,
>
> Network rules are the only rule type that had this safety net - if
> profile_data[profile][hat] really isn't initialized (which shouldn't
> happen), things will break at lots of other places ;-)
>
>
> [ 01-drop-network-safety-net.diff ]
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
>
> === modified file ./utils/apparmor/aa.py
> --- utils/apparmor/aa.py 2017-06-15 23:18:30.216491386 +0200
> +++ utils/apparmor/aa.py 2017-07-09 12:11:53.907188928 +0200
> @@ -2421,10 +2426,6 @@
> if not profile:
> raise AppArmorException(_('Syntax Error: Unexpected network entry found in file: %(file)s line: %(line)s') % { 'file': file, 'line': lineno + 1 })
>
> - # init rule class (if not done yet)
> - if not profile_data[profile][hat].get('network', False):
> - profile_data[profile][hat]['network'] = NetworkRuleset()
> -
> profile_data[profile][hat]['network'].add(NetworkRule.parse(line))
>
> elif DbusRule.match(line):
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170710/37588c1a/attachment.pgp>
More information about the AppArmor
mailing list