mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 00:14:44 +01:00
Merge tunable: add letter, alphanumeric character, hex and words variables.
Follow up from !1544 with the other basic variables. Variables such as `@{rand6}` and `@{word6}` are very commonly used as they allow us to restrict access from rules such as: `/tmp/*`, `/tmp/??????` MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1546 Approved-by: John Johansen <john@jjmx.net> Merged-by: John Johansen <john@jjmx.net>
commit
b5ff20b5f1
1 changed files with 82 additions and 0 deletions
|
@ -11,7 +11,89 @@
|
|||
# Any digit
|
||||
@{d}=[0-9]
|
||||
|
||||
# Any letter
|
||||
@{l}=[a-zA-Z]
|
||||
|
||||
# Single alphanumeric character
|
||||
@{c}=[0-9a-zA-Z]
|
||||
|
||||
# Word character: matches any letter, digit or underscore.
|
||||
@{w}=[a-zA-Z0-9_]
|
||||
|
||||
# Single hexadecimal character
|
||||
@{h}=[0-9a-fA-F]
|
||||
|
||||
# Integer up to 10 digits (0-9999999999)
|
||||
@{int}=@{d}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}
|
||||
|
||||
# hexadecimal, alphanumeric and word up to 64 characters
|
||||
@{hex}=@{h}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}
|
||||
@{rand}=@{c}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}
|
||||
@{word}=@{w}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}
|
||||
|
||||
# Unsigned integer over 8 bits (0...255)
|
||||
@{u8}=[0-9]{[0-9],} 1[0-9][0-9] 2[0-4][0-9] 25[0-5]
|
||||
|
||||
# Unsigned integer over 16 bits (0...65,535 5 digits)
|
||||
@{u16}={@{d},[1-9]@{d},[1-9][@{d}@{d},[1-9]@{d}@{d}@{d},[1-6]@{d}@{d}@{d}@{d}}
|
||||
|
||||
# Unsigned integer over 32 bits (0...4,294,967,295 10 digits)
|
||||
@{u32}={@{d},[1-9]@{d},[1-9]@{d}@{d},[1-9]@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-4]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}}
|
||||
|
||||
# Unsigned integer over 64 bits (0...18,446,744,073,709,551,615 20 digits).
|
||||
@{u64}={@{d},[1-9]@{d},[1-9]@{d}@{d},[1-9]@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},[1-9]@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d},1@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}@{d}}
|
||||
|
||||
# Any x digits characters
|
||||
@{int2}=@{d}@{d}
|
||||
@{int4}=@{int2}@{int2}
|
||||
@{int6}=@{int4}@{int2}
|
||||
@{int8}=@{int4}@{int4}
|
||||
@{int9}=@{int8}@{d}
|
||||
@{int10}=@{int8}@{int2}
|
||||
@{int12}=@{int8}@{int4}
|
||||
@{int15}=@{int8}@{int4}@{int2}@{d}
|
||||
@{int16}=@{int8}@{int8}
|
||||
@{int32}=@{int16}@{int16}
|
||||
@{int64}=@{int32}@{int32}
|
||||
|
||||
# Any x hexadecimal characters
|
||||
@{hex2}=@{h}@{h}
|
||||
@{hex4}=@{hex2}@{hex2}
|
||||
@{hex6}=@{hex4}@{hex2}
|
||||
@{hex8}=@{hex4}@{hex4}
|
||||
@{hex9}=@{hex8}@{h}
|
||||
@{hex10}=@{hex8}@{hex2}
|
||||
@{hex12}=@{hex8}@{hex4}
|
||||
@{hex15}=@{hex8}@{hex4}@{hex2}@{h}
|
||||
@{hex16}=@{hex8}@{hex8}
|
||||
@{hex32}=@{hex16}@{hex16}
|
||||
@{hex38}=@{hex32}@{hex6}
|
||||
@{hex64}=@{hex32}@{hex32}
|
||||
|
||||
# Any x alphanumeric characters
|
||||
@{rand2}=@{c}@{c}
|
||||
@{rand4}=@{rand2}@{rand2}
|
||||
@{rand6}=@{rand4}@{rand2}
|
||||
@{rand8}=@{rand4}@{rand4}
|
||||
@{rand9}=@{rand8}@{c}
|
||||
@{rand10}=@{rand8}@{rand2}
|
||||
@{rand12}=@{rand8}@{rand4}
|
||||
@{rand15}=@{rand8}@{rand4}@{rand2}@{c}
|
||||
@{rand16}=@{rand8}@{rand8}
|
||||
@{rand32}=@{rand16}@{rand16}
|
||||
@{rand64}=@{rand32}@{rand32}
|
||||
|
||||
# Any x word characters
|
||||
@{word2}=@{w}@{w}
|
||||
@{word4}=@{word2}@{word2}
|
||||
@{word6}=@{word4}@{word2}
|
||||
@{word8}=@{word4}@{word4}
|
||||
@{word9}=@{word8}@{w}
|
||||
@{word10}=@{word8}@{word2}
|
||||
@{word12}=@{word8}@{word4}
|
||||
@{word15}=@{word8}@{word4}@{word2}@{w}
|
||||
@{word16}=@{word8}@{word8}
|
||||
@{word32}=@{word16}@{word16}
|
||||
@{word64}=@{word32}@{word32}
|
||||
|
||||
include if exists <tunables/system.d>
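Review bot: The three-digit alternative of `@{u16}` contains a stray `[` (`[1-9][@{d}@{d}`), so that branch no longer means "one non-zero digit followed by two digits". Depending on how the parser handles the unbalanced bracket, the variable either fails to compile or, once `@{d}` is expanded, presumably opens a character class that also admits a literal `[`. The line should read `@{u16}={@{d},[1-9]@{d},[1-9]@{d}@{d},[1-9]@{d}@{d}@{d},[1-6]@{d}@{d}@{d}@{d}}`. Separately, the last alternatives of `@{u16}`, `@{u32}` and `@{u64}` match up to 69999, 4999999999 and 19999999999999999999, which is wider than the ranges their comments state. Since these variables exist to tighten path rules, the comments should say the patterns are an over-approximation, e.g. `# Unsigned integer over 16 bits (approximation: matches 0...69999)`.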
|
||||
|
|