On Wed, Jun 17, 2015 at 04:21:13AM -0700, John Johansen wrote:
> When @{profile_name} is used within a rule matching expression any
> aare expressions should be matched literally and not be interpreted as
> aare.
>
> That is
> profile /foo/** { }
>
> needs /foo/** to expand into a regular expression for its attachment
> but, /foo/** is also the profiles literal name. And when trying to
> match @{profile_name} in a rule, eg.
> ptrace @{profile_name},
>
> the variable needs to be expaned to
> ptrace /foo/\*\*,
>
> not
> ptrace /foo/**,
>
> that is currently happening.What happens if someone for example writes a profile for /usr/bin/[ ? > BugLink: http://bugs.launchpad.net/bugs/1317555 > > equality tests by > Tyler Hicks <[email protected]> -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
