mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make sure 'x' log events always come with type 'exec'

Browse source 
According to a discussion with John on IRC, denied_mask="x" can only
happen for 'exec' log events. This patch raises an exception if John
is wrong ;-)


Acked-by: Kshitij Gupta <kgupta8592@gmail.com>
This commit is contained in:
Christian Boltz 2016-02-21 20:43:58 +01:00
parent 19c098be04
commit bdf264a9be
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
utils/apparmor/aa.py
View file

@ -1179,6 +1179,8 @@ def handle_children(profile, hat, root):
if mode & str_to_mode('x'):
if os.path.isdir(exec_target):
raise AppArmorBug('exec permissions requested for directory %s. This should not happen - please open a bugreport!' % exec_target)
elif typ != 'exec':
raise AppArmorBug('exec permissions requested for %(exec_target)s, but mode is %(mode)s instead of exec. This should not happen - please open a bugreport!' % {'exec_target': exec_target, 'mode':mode})
else:
do_execute = True