mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 00:24:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

pop-ups: filter by absolute path+cmdline on some cases

Browse source 
If the pop-ups' target is to filter by cmdline, but the typed/launched
command is not absolute or it starts with /proc, also filter by the
absolute path to the binary.
This commit is contained in:
Gustavo Iñiguez Goia 2024-02-08 17:45:21 +01:00
parent c3ec54efaf
commit fbd17a29da
Failed to generate hash of commit
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ui/opensnitch/dialogs/prompt/__init__.py
View file

@ -570,12 +570,13 @@ class PromptDialog(QtWidgets.QDialog, uic.loadUiType(DIALOG_UI_PATH)[0]):
is_list_rule = self._is_list_rule()
# If the user has selected to filter by cmdline, but the launched
# command path is not absolute, we can't trust it. In this case,
# also filter by the absolute path to the binary.
# command path is not absolute or the first component contains
# "/proc/" (/proc/self/fd.., /proc/1234/fd...), we can't trust it.
# In these cases, also filter by the absolute path to the binary.
if self._rule.operator.operand == Config.OPERAND_PROCESS_COMMAND:
proc_args = " ".join(self._con.process_args)
proc_args = proc_args.split(" ")
if os.path.isabs(proc_args[0]) == False:
if os.path.isabs(proc_args[0]) == False or proc_args[0].startswith("/proc"):
is_list_rule = True
data.append({"type": Config.RULE_TYPE_SIMPLE, "operand": Config.OPERAND_PROCESS_PATH, "data": str(self._con.process_path)})