fun with whitespace in profile names
Bug #1658217 reported by
Christian Boltz
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
New
|
Undecided
|
Unassigned |
Bug Description
apparmor_parser accepts profile names with leading whitespace, which leads to various funny effects.
echo 'profile " foo" { }' | apparmor_parser -r
The most interesting effects are:
- you can load multiple profiles with the same name, it doesn't get replaced
- loading a "foo" profile (without whitespace) will replace it (or conflict if you didn't use -r)
- aa-exec -p "foo" and aa-exec -p " foo" both use this profile
- to onload the profile, you have to use "foo" (without whitespace) as profile name
I can probably dig out more funny things from yesterday's IRC log ;-)
To post a comment you must log in.