apparmor_parser does not handle quoted files with braces in their name
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
AppArmor | New | Undecided | Unassigned | |
Bug Description
AppArmor does not successfully compile a profile with a rule like this:
```
profile foo (attach_
"/foobar/
}
```
It complains thusly:
```
$ sudo apparmor_parser -r foo.bin
apparmor_parser: Regex grouping error: Invalid number of items between {}
apparmor_parser: Regex grouping error: Invalid close }, no matching open { detected
apparmor_parser: Unable to parse input line '/foobar/
ERROR processing regexs for profile foo, failed to load
```
It was my understanding that, since the braces are inside a quoted path, the braces would effectively be ignored.
I'm not sure if this specific problem can be abused into an active vulnerability, so I'm filing this as a private bug until it can be analyzed to explain that it is not able / likely to be abused.
FYI, this came about as investigation into https:/
information type: Private Security → Public
Quoting in apparmor does not disable globbing, nor variable expansion. It only allows for certain characters to be included in a name like whitespace.
To deal with regex characters you need to escape them if a literal match is needed:
```
"/foobar/some-path-with-braces-\}\{" rw,
```
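As an added illustration of the reply above (not code from the AppArmor project or from either poster), the following Python sketch escapes a literal path for use in a profile rule and lints a profile for quoted paths that still contain active glob metacharacters. The function names, the metacharacter set (taken from the globbing syntax in apparmor.d(5)) and the sample profile are assumptions constructed for this example; paths that use globs or `@{VAR}` variables on purpose will also be reported.

```python
import re

# Glob metacharacters from apparmor.d(5); the backslash is handled separately.
GLOB_META = "*?[]{}^"
# A double-quoted string, allowing backslash-escaped characters inside it.
QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')

def escape_literal_path(path):
    """Build a quoted AppArmor path pattern that matches `path` literally."""
    if '"' in path or "\n" in path:
        raise ValueError("double quotes and newlines are out of scope for this sketch")
    out = "".join("\\" + c if c in GLOB_META + "\\" else c for c in path)
    # Quoting carries the whitespace; the backslashes neutralise the globbing.
    return '"' + out + '"'

def unescaped_meta(pattern):
    """Return (offset, char) for each glob metacharacter not preceded by a backslash."""
    hits, i = [], 0
    while i < len(pattern):
        if pattern[i] == "\\":
            i += 2  # skip the backslash and the character it escapes
            continue
        if pattern[i] in GLOB_META:
            hits.append((i, pattern[i]))
        i += 1
    return hits

def lint_profile(text):
    """Report quoted paths that still contain active glob metacharacters."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in QUOTED.finditer(line):
            hits = unescaped_meta(m.group(1))
            if hits:
                findings.append((lineno, m.group(1), [c for _, c in hits]))
    return findings

# Constructed sample profile: line 2 relies on quoting alone, line 3 escapes the braces.
SAMPLE = r'''profile demo {
  "/srv/data/report }{ draft" rw,
  "/srv/data/report \}\{ final" rw,
}'''

if __name__ == "__main__":
    for lineno, path, chars in lint_profile(SAMPLE):
        print(f"line {lineno}: {path!r} has unescaped {chars}")
    print(escape_literal_path("/srv/data/report }{ draft"))
```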