On 07/05/2013 03:08 PM, Seth Arnold wrote:
> On Mon, Jul 01, 2013 at 05:15:07PM -0500, Jamie Strandboge wrote:
>> + def set_template(self, template, allow_abs_path=True):
>> '''Set current template'''
>> self.template = template
>> + if "../" in template:
>> + raise AppArmorException('template "%s" contains "../" escape
>> path' % (template))
>> + if template.startswith('/'):
>> + if not allow_abs_path:
>> + raise AppArmorException("Cannot use an absolute path
>> template '%s'" % template)
>> + else:
>> self.template = os.path.join(self.dirs['templates'], template)
>> if not os.path.exists(self.template):
>> raise AppArmorException('%s does not exist' % (self.template))
>
> There's a race condition here; well, maybe not -race-, but self.template
> is updated before the sanity checks are performed. If either of those
> exceptions gets ignored in callers, the template is set to unsafe values.
>
Hmmm, I can fix it, but if a caller chooses to use a try clause and then ignore
it, I'm kinda thinking that is the caller's problem, no? I mean, that is why I'm
raising the exception here.I don't like how I am mixing and matching checking template and self.template though, so I'll change that right away. -- Jamie Strandboge http://www.ubuntu.com/
signature.asc
Description: OpenPGP digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
