Re: genfs contexts labelling issue for special character

2016-07-01 Thread Stephen Smalley 
On 07/01/2016 08:06 AM, Inamdar Sharif wrote:
> Hi Guys,
> 
>  
> 
> I have a node which is  “abc,xyz”
> 
> I want to label this node in genfs_contexts but getting syntax error
> 
>  
> 
> But if I make the below change in
> external/selinux/checksepolicy/policy_scan.l it works fine.
> 
> -"/"({alnum}|[_\.\-/])* { return(PATH); }
> 
> +"/"({alnum}|[_\.\,\-/])*   { return(PATH); }
> 
>  
> 
> Is there any other way I can label the node ??

This is a proc file or something else?

The change above seems fine, but we really ought to fix PATH, QPATH
(quoted path, for paths that contain whitespace), and FILENAME
definitions to just permit all legal characters (PATH will still have to
omit whitespace, obviously, but QPATH supports that one).


___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: genfs contexts labelling issue for special character

2016-07-01 Thread William Roberts 
On Jul 1, 2016 08:15, "Inamdar Sharif"  wrote:
>
> Hi Guys,
>
>
>
> I have a node which is  “abc,xyz”
>
> I want to label this node in genfs_contexts but getting syntax error
>
>
>
> But if I make the below change in
external/selinux/checksepolicy/policy_scan.l it works fine.
>
> -"/"({alnum}|[_\.\-/])* { return(PATH); }
>
> +"/"({alnum}|[_\.\,\-/])*   { return(PATH); }
>
>
>
> Is there any other way I can label the node ??

I noticed the other day the lexer definition for PATH seemed incomplete.
Iirc someone had to add : to it the other day for a similar reason. Maybe I
was just reading this:
http://stackoverflow.com/questions/36926823/escaping-colon-character-in-android-selinux

I'm not sure why the class set doesn't include these characters. A patch to
add them seems reasonable.
>
>
>
> Thanks.
>
> 
> This email message is for the sole use of the intended recipient(s) and
may contain confidential information.  Any unauthorized review, use,
disclosure or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply email and destroy all copies
of the original message.
> 
>
> ___
> Seandroid-list mailing list
> Seandroid-list@tycho.nsa.gov
> To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
> To get help, send an email containing "help" to
seandroid-list-requ...@tycho.nsa.gov.
___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

genfs contexts labelling issue for special character

2016-07-01 Thread Inamdar Sharif 
Hi Guys,

I have a node which is  "abc,xyz"
I want to label this node in genfs_contexts but getting syntax error

But if I make the below change in external/selinux/checksepolicy/policy_scan.l 
it works fine.
-"/"({alnum}|[_\.\-/])* { return(PATH); }
+"/"({alnum}|[_\.\,\-/])*   { return(PATH); }

Is there any other way I can label the node ??

Thanks.

---
This email message is for the sole use of the intended recipient(s) and may 
contain
confidential information.  Any unauthorized review, use, disclosure or 
distribution
is prohibited.  If you are not the intended recipient, please contact the 
sender by
reply email and destroy all copies of the original message.
---
___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.