[qubes-devel] [PATCH] parser: Change warning of invalid path to error
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Signed-off-by: Ben Grande
- ---
qrexec/policy/parser.py | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/qrexec/policy/parser.py b/qrexec/policy/parser.py
index ab50f9e..143f77f 100644
- --- a/qrexec/policy/parser.py
+++ b/qrexec/policy/parser.py
@@ -1956,15 +1956,14 @@ class ToposortMixIn:
if "/" in key and (
not key.startswith("include/") or key.count("/") > 1
):
- -# TODO make this an error, since we shouldn't accept this anyway
- -logging.warning(
- -"ignoring path %r included in %s on line %d; "
- -"expect problems with import order",
- -included_path,
+raise PolicySyntaxError(
filepath,
lineno,
+"invalid path {}, only paths inside the directories {} and "
+"{}/include are considered".format(
+included_path, POLICYPATH, POLICYPATH
+),
)
- -return
self.included_paths[key].add(included_path)
- --
Benjamin Grande
-BEGIN PGP SIGNATURE-
iNUEARYKAH0WIQRklnEdsUUe50UmvUUbcxS/DMyWhwUCZHDlWV8UgAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NjQ5
NjcxMURCMTQ1MUVFNzQ1MjZCRDQ1MUI3MzE0QkYwQ0NDOTY4NwAKCRAbcxS/DMyW
h/cRAP907orcsOXIb/oKiGsFw9Yi/S8y7dqNHYTJQqyDtqJliAD/bh55grJlnhxL
rrvakIdwHf9SOmgXyt+56pS7XOH6Kgs=
=FjoJ
-END PGP SIGNATURE-
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-devel/ZHDlWg8DnnsSsSIR%40personal-mutt.
Re: [qubes-devel] [PATCH] parser: Change warning of invalid path to error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Fri, May 26, 2023 at 03:15:22PM +, Ben Grande wrote: > This was bugging me because in fact should be an error, not ignored. > -- > Benjamin Grande FYI, Google Groups mangles the message, invalidating the signature. I recommend sending the patch inline and using cleartext signatures. - -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEdodNnxM2uiJZBxxxsoi1X/+cIsEFAmRw42UACgkQsoi1X/+c IsGHBhAAkR7SYIjmtlxs1qNtZn+sO1QadpSdb+iL1slYaA4SihH9pzdUeHV8vpGZ UOJBYXxDeaHOFLrPSCV5FE9vz23YuNneefJInUoPa8H1U6+f18DS0M6ji5XL7E9Z huQ7XKfJL0ius5/Rwe37evSTiphlLssSxYd7D+lbiRPlmoDkDTBOQK/LTKXyFTeZ 7ZVFiaLED7lVcCQR4SL+6l8MOBeHaFn93FNpj+RZang2w0oNfvTQblDEe8sPFXx1 SVDgMuaEI8toeIriiWoYPVk9EfyszVYZtLh5O+F6vBPRxh9dxBRFFcvmw5nN7/C/ IPwdBbGdBecFhQcr9MQkT6EE3BaOUhqqP8j2EgczScReQ0sYsfKNZRJU1mKZNTBv 2kMa4C/LjTLSvN0ft0RVesb7OcFmns40N0JzyGxdgHxKflSCkCAimIplD/Vtkb3j PDz+6299n4wDASMWHxZwErNCU0kk+jJUstDx2p/eiT5kbSbojt8FRJRzoywFWYFT yw4FzEd2sjEIt2XqWqj32x69vsJZcqxFUlV3OAX+RTDiF+cc1fFiUZ0Xxf8LH11A B9Ope4A4VQJ5BTSvA/LRJLONNG4AKC9omaQf0BxTJg7jpT3X266XyJAthspmCkoA fNPJeyEXIHgUeasBPCmIv4+MTdCb8klaZi8xNb/Lgl5WpD7GTIs= =kOdC -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/ZHDjZIkBwYfi0WI5%40itl-email.
[qubes-devel] [PATCH] parser: Change warning of invalid path to error
This was bugging me because in fact should be an error, not ignored.
--
Benjamin Grande
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-devel/ZHDNCoNSBgMlYYJp%40personal-mutt.
From 2867bc612cd28c22ea40d4e14ad3e8df6fd90bb9 Mon Sep 17 00:00:00 2001
From: Ben Grande
Date: Fri, 26 May 2023 15:12:29 +
Subject: [PATCH] parser: Change warning of invalid path to error
Signed-off-by: Ben Grande
---
qrexec/policy/parser.py | 11 +--
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/qrexec/policy/parser.py b/qrexec/policy/parser.py
index ab50f9e..143f77f 100644
--- a/qrexec/policy/parser.py
+++ b/qrexec/policy/parser.py
@@ -1956,15 +1956,14 @@ class ToposortMixIn:
if "/" in key and (
not key.startswith("include/") or key.count("/") > 1
):
-# TODO make this an error, since we shouldn't accept this anyway
-logging.warning(
-"ignoring path %r included in %s on line %d; "
-"expect problems with import order",
-included_path,
+raise PolicySyntaxError(
filepath,
lineno,
+"invalid path {}, only paths inside the directories {} and "
+"{}/include are considered".format(
+included_path, POLICYPATH, POLICYPATH
+),
)
-return
self.included_paths[key].add(included_path)
--
Benjamin Grande
signature.asc
Description: PGP signature
