parser accepts " /foo x -> /bar," as valid rule

Bug #1532578 reported by Christian Boltz
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
AppArmor
New
Undecided
Unassigned

Bug Description

If you try to use a file rule like
    /foo x,
the parser complains that you need to use ix, Px, Cx etc - good.

However, if you add an exec target like
  /foo x -> /bar,
it will happily accept that rule.

Reproducer:
    echo '/t { /foo x -> /bar, }' | /sbin/apparmor_parser -pq
surprisingly accepts the rule as valid.

I'd expect that only deny rules allow to use a plain 'x':
  deny /foo x,

Tags: aa-parser
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.