[qubes-devel] [PATCH] parser: Change warning of invalid path to error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Signed-off-by: Ben Grande - --- qrexec/policy/parser.py | 11 +-- 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/qrexec/policy/parser.py b/qrexec/policy/parser.py index ab50f9e..143f77f 100644 - --- a/qrexec/policy/parser.py +++ b/qrexec/policy/parser.py @@ -1956,15 +1956,14 @@ class ToposortMixIn: if "/" in key and ( not key.startswith("include/") or key.count("/") > 1 ): - -# TODO make this an error, since we shouldn't accept this anyway - -logging.warning( - -"ignoring path %r included in %s on line %d; " - -"expect problems with import order", - -included_path, +raise PolicySyntaxError( filepath, lineno, +"invalid path {}, only paths inside the directories {} and " +"{}/include are considered".format( +included_path, POLICYPATH, POLICYPATH +), ) - -return self.included_paths[key].add(included_path) - -- Benjamin Grande -BEGIN PGP SIGNATURE- iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZHDlWV8UgAAuAChp c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5 NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW h/cRAP907orcsOXIb/oKiGsFw9Yi/S8y7dqNHYTJQqyDtqJliAD/bh55grJlnhxL rrvakIdwHf9SOmgXyt+56pS7XOH6Kgs= =FjoJ -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ZHDlWg8DnnsSsSIR%40personal-mutt.
Re: [qubes-devel] [PATCH] parser: Change warning of invalid path to error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Fri, May 26, 2023 at 03:15:22PM +, Ben Grande wrote: > This was bugging me because in fact should be an error, not ignored. > -- > Benjamin Grande FYI, Google Groups mangles the message, invalidating the signature. I recommend sending the patch inline and using cleartext signatures. - -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmRw42UACgkQsoi1X/+c IsGHBhAAkR7SYIjmtlxs1qNtZn+sO1QadpSdb+iL1slYaA4SihH9pzdUeHV8vpGZ UOJBYXxDeaHOFLrPSCV5FE9vz23YuNneefJInUoPa8H1U6+f18DS0M6ji5XL7E9Z huQ7XKfJL0ius5/Rwe37evSTiphlLssSxYd7D+lbiRPlmoDkDTBOQK/LTKXyFTeZ 7ZVFiaLED7lVcCQR4SL+6l8MOBeHaFn93FNpj+RZang2w0oNfvTQblDEe8sPFXx1 SVDgMuaEI8toeIriiWoYPVk9EfyszVYZtLh5O+F6vBPRxh9dxBRFFcvmw5nN7/C/ IPwdBbGdBecFhQcr9MQkT6EE3BaOUhqqP8j2EgczScReQ0sYsfKNZRJU1mKZNTBv 2kMa4C/LjTLSvN0ft0RVesb7OcFmns40N0JzyGxdgHxKflSCkCAimIplD/Vtkb3j PDz+6299n4wDASMWHxZwErNCU0kk+jJUstDx2p/eiT5kbSbojt8FRJRzoywFWYFT yw4FzEd2sjEIt2XqWqj32x69vsJZcqxFUlV3OAX+RTDiF+cc1fFiUZ0Xxf8LH11A B9Ope4A4VQJ5BTSvA/LRJLONNG4AKC9omaQf0BxTJg7jpT3X266XyJAthspmCkoA fNPJeyEXIHgUeasBPCmIv4+MTdCb8klaZi8xNb/Lgl5WpD7GTIs= =kOdC -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ZHDjZIkBwYfi0WI5%40itl-email.
[qubes-devel] [PATCH] parser: Change warning of invalid path to error
This was bugging me because in fact should be an error, not ignored. -- Benjamin Grande -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ZHDNCoNSBgMlYYJp%40personal-mutt. From 2867bc612cd28c22ea40d4e14ad3e8df6fd90bb9 Mon Sep 17 00:00:00 2001 From: Ben Grande Date: Fri, 26 May 2023 15:12:29 + Subject: [PATCH] parser: Change warning of invalid path to error Signed-off-by: Ben Grande --- qrexec/policy/parser.py | 11 +-- 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/qrexec/policy/parser.py b/qrexec/policy/parser.py index ab50f9e..143f77f 100644 --- a/qrexec/policy/parser.py +++ b/qrexec/policy/parser.py @@ -1956,15 +1956,14 @@ class ToposortMixIn: if "/" in key and ( not key.startswith("include/") or key.count("/") > 1 ): -# TODO make this an error, since we shouldn't accept this anyway -logging.warning( -"ignoring path %r included in %s on line %d; " -"expect problems with import order", -included_path, +raise PolicySyntaxError( filepath, lineno, +"invalid path {}, only paths inside the directories {} and " +"{}/include are considered".format( +included_path, POLICYPATH, POLICYPATH +), ) -return self.included_paths[key].add(included_path) -- Benjamin Grande signature.asc Description: PGP signature