mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Description: use -QTK instead of -p in verify_policy(). '-p' only runs the

Browse source 
preprocessor and is not as thorough as -QTK (--skip-kernel-load,
 --skip-read-cache, --skip-cache). Like with '-p', '-QTK' can be run without
 privilege but it will catch things like conflictings 'x' modifiers.

Acked-By: Jamie Strandboge <jamie@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
This commit is contained in:
Jamie Strandboge 2014-06-09 13:38:35 -05:00
parent f6f4ef7ee9
commit f8ed2e1d0d
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
utils/apparmor/easyprof.py
View file

@ -279,7 +279,7 @@ def verify_policy(policy):
os.write(f, policy) os.write(f, policy)
os.close(f) os.close(f)
rc, out = cmd([exe, '-p', fn]) rc, out = cmd([exe, '-QTK', fn])
os.unlink(fn) os.unlink(fn)
if rc == 0: if rc == 0:
return True return True