<div dir="ltr">Hello<br><div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jan 6, 2016 at 10:41 PM, Christian Boltz <span dir="ltr"><<a href="mailto:apparmor@cboltz.de" target="_blank">apparmor@cboltz.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hallo,<br></blockquote><div>lol <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
I noticed in Simon's sshd profile that the ptrace peer can contain a<br>
quoted value - something I missed when writing the PtraceRule class.<br>
<br>
This patch adds handling for quoted values and two testcases for it.<br>
<br>
<br>
[ 62-ptrace-peer-strip-quotes.diff ]<br>
<br>
=== modified file ./utils/apparmor/rule/ptrace.py<br>
--- utils/apparmor/rule/ptrace.py 2016-01-02 23:41:49.811539038 +0100<br>
+++ utils/apparmor/rule/ptrace.py 2016-01-06 18:02:51.563196306 +0100<br>
@@ -14,7 +14,7 @@<br>
<br>
import re<br>
<br>
-from apparmor.regex import RE_PROFILE_PTRACE, RE_PROFILE_NAME<br>
+from apparmor.regex import RE_PROFILE_PTRACE, RE_PROFILE_NAME, strip_quotes<br></blockquote><div>wow! strip_quotes is a function in regex module! (pretty sure I'm to blame for it but still)<br> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
from apparmor.common import AppArmorBug, AppArmorException<br>
from apparmor.rule import BaseRule, BaseRuleset, check_and_split_list, logprof_value_or_all, parse_modifiers, quote_if_needed<br>
<br>
@@ -99,7 +99,7 @@<br>
access = PtraceRule.ALL<br>
<br>
if details.group('peer'):<br>
- peer = details.group('peer')<br>
+ peer = strip_quotes(details.group('peer'))<br>
else:<br>
peer = PtraceRule.ALL<br>
else:<br>
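</blockquote><div>Review bot: in the if details.group('peer'): branch the quotes are dropped on parse, but nothing in this hunk shows them being put back when the rule is written out, so a peer such as /foo bar could be serialized unquoted and then fail to parse again. quote_if_needed is already imported at the top of this file; please confirm the peer goes through it on output, or add that to this patch.<br><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">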
=== modified file ./utils/test/test-ptrace.py<br>
--- utils/test/test-ptrace.py 2016-01-06 18:09:08.007976455 +0100<br>
+++ utils/test/test-ptrace.py 2016-01-06 18:08:41.431926398 +0100<br>
@@ -54,9 +54,11 @@<br>
('deny ptrace read, # cmt' , exp(False, False, True , ' # cmt', {'read'}, False, None, True )),<br>
('audit allow ptrace,' , exp(True , True , False, '', None , True , None, True )),<br>
('ptrace peer=unconfined,' , exp(False, False, False, '', None , True , 'unconfined', False )),<br>
+ ('ptrace peer="unconfined",' , exp(False, False, False, '', None , True , 'unconfined', False )),<br>
('ptrace read,' , exp(False, False, False, '', {'read'}, False, None, True )),<br>
('ptrace peer=/foo,' , exp(False, False, False, '', None , True , '/foo', False )),<br>
('ptrace r peer=/foo,' , exp(False, False, False, '', {'r'}, False, '/foo', False )),<br>
+ ('ptrace r peer="/foo bar",' , exp(False, False, False, '', {'r'}, False, '/foo bar', False )),<br>
]<br>
<br>
def _run_test(self, rawrule, expected):<br>
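</blockquote><div>Review bot: the two added cases ('ptrace peer="unconfined",' and 'ptrace r peer="/foo bar",') only exercise the parse direction with well-formed quotes. Please add a case that writes the rule for the peer /foo bar back out and checks that the quotes are restored, and one with an unbalanced quote such as peer="/foo so that the behaviour of strip_quotes on that input is pinned down.<br><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">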
<br></blockquote><div>Thanks for the patch.<br><br>Acked-by: Kshitij Gupta <<a href="mailto:kgupta8592@gmail.com" target="_blank">kgupta8592@gmail.com</a>> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
Regards,<br>
<br>
Christian Boltz<br>
<span class=""><font color="#888888">--<br>
Yes, we all write crappy software and have no idea what we are doing and<br>
should listen to everyone who tells us to stop because they are the ones<br>
who know best. [Greg KH in opensuse-factory]<br>
</font></span><br>--<br>
AppArmor mailing list<br>
<a href="mailto:AppArmor@lists.ubuntu.com">AppArmor@lists.ubuntu.com</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr"><div>Regards,<br><br></div>Kshitij Gupta<br></div></div>
</div></div></div>