On Sun, Oct 12, 2014 at 08:45:44PM +0200, Christian Boltz wrote: > Hello, > > another (this time easy) bug found by Stallmanu: > > When adding inet rules in aa-logprof, it crashes with > IndexError: list index out of range > > The reason is that it doesn't display the options if only the raw rule > is available (aka "no abstraction"). > > This patch checks if options[] is set and otherwise sets selection to > the raw rule. > > As an alternative, we could always display the options - even if only > one option is available. Opinions?
I think I'm okay with this patch as is, though I don't know this code well enough to know what "display the options" means; I thought the CMD_ALLOW indicated that the user had already accepted a choice, but probably that's my misunderstanding. Would adding it to the options list give the user the opportunity to modify the proposed rule (e.g. shorten 'network inet dgram,' down to 'network inet' say) and not adding it prevent that? Because if so, then I think we ought to offer the option. (But I can live with the patch as is, so Acked-by: Steve Beattie <[email protected]> if you don't want to do that.) Thanks. -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
