From fbd17a29dad04d58534db355bc48b27b23b1d940 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gustavo=20I=C3=B1iguez=20Goia?= Date: Thu, 8 Feb 2024 17:45:21 +0100 Subject: [PATCH] pop-ups: filter by absolute path+cmdline on some cases If the pop-ups' target is to filter by cmdline, but the typed/launched command is not absolute or it starts with /proc, also filter by the absolute path to the binary. --- ui/opensnitch/dialogs/prompt/__init__.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/ui/opensnitch/dialogs/prompt/__init__.py b/ui/opensnitch/dialogs/prompt/__init__.py index e11ceb9b..294664be 100644 --- a/ui/opensnitch/dialogs/prompt/__init__.py +++ b/ui/opensnitch/dialogs/prompt/__init__.py @@ -570,12 +570,13 @@ class PromptDialog(QtWidgets.QDialog, uic.loadUiType(DIALOG_UI_PATH)[0]): is_list_rule = self._is_list_rule() # If the user has selected to filter by cmdline, but the launched - # command path is not absolute, we can't trust it. In this case, - # also filter by the absolute path to the binary. + # command path is not absolute or the first component contains + # "/proc/" (/proc/self/fd.., /proc/1234/fd...), we can't trust it. + # In these cases, also filter by the absolute path to the binary. if self._rule.operator.operand == Config.OPERAND_PROCESS_COMMAND: proc_args = " ".join(self._con.process_args) proc_args = proc_args.split(" ") - if os.path.isabs(proc_args[0]) == False: + if os.path.isabs(proc_args[0]) == False or proc_args[0].startswith("/proc"): is_list_rule = True data.append({"type": Config.RULE_TYPE_SIMPLE, "operand": Config.OPERAND_PROCESS_PATH, "data": str(self._con.process_path)})