On Tue, Aug 26, 2014 at 03:31:26PM -0700, Seth Arnold wrote: > On Mon, Aug 25, 2014 at 05:06:07PM -0700, [email protected] wrote: > > This patch implements parsing of fine grained mediation for unix domain > > sockets, that have abstract and anonymous paths. Sockets with file > > system paths are handled by regular file access rules. > > One quick question ... > > > + */ > > +int af_rule::move_base_cond(struct cond_entry *ent, bool peer) > > +{ > > + if (!cond_check(supported_conds, ent, peer, "unknown")) > > + return false; > > + > > + if (strcmp(ent->name, "type") == 0) { > > + move_conditional_value("socket rule", &sock_type, ent); > > + sock_type_n = net_find_type_val(sock_type); > > + if (sock_type_n == -1) > > + yyerror("socket rule: invalid socket type '%s'", > > sock_type); > > + } else if (strcmp(ent->name, "protocol") == 0) { > > + yyerror("socket rule: 'protocol' conditional is not currently > > supported\n"); > > + } else if (strcmp(ent->name, "label") == 0) { > > + if (peer) > > + move_conditional_value("unix", &label, ent); > > + else > > + move_conditional_value("unix", &peer_label, ent); > > Is this if (peer) conditional test going in the correct direction?
Oh, of course, 03/12 fixes it. Never mind. > > + } else > > + return false; > > + > > + return true; > > +} > > Thanks > -- > AppArmor mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/apparmor
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
