Bug 129822 - [PATCH]: filenames with braces break audit2allow
[PATCH]: filenames with braces break audit2allow
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: policycoreutils (Show other bugs)
rawhide
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks: FC3Target
  Show dependency treegraph
 
Reported: 2004-08-12 18:28 EDT by Tom London
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-08-25 13:48:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tom London 2004-08-12 18:28:47 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7)
Gecko/20040803 Firefox/0.9.3

Description of problem:
AVC messages that have filenames (path=, exe=, etc.) containing a left
brace character '{' cause audit2allow to loop, or otherwise misbehave.

Assuming that the 'brace' should trigger special handling only when it
starts a field, here is a patch:

--- /usr/bin/audit2allow        2004-08-11 14:29:39.000000000 -0700
+++ a2a 2004-08-12 14:42:33.812606852 -0700
@@ -65,7 +65,7 @@
     $command="";
     foreach $i(0..$#types){
        next if($types[$i]!~/[=\{]/);
-       if($types[$i]=~/\{/){
+       if($types[$i]=~/^\{/){
            $j=$i+1;
            while($types[$j]!~/\}/){
                $command.=" $types[$j]";

For reference, here is a 'brace AVC':

Aug 12 09:08:02 fedora kernel: audit(1092326882.229:0): avc:  denied 
{ read } for  pid=4477 exe=/bin/bash
path=/home/tbl/.thunderbird/default/7hvcq9as.slt/extensions/{847b3a00-7ab1-11d4-8f02-006008948af5}/chrome/enigmail-skin-tbird.jar
dev=hda2 ino=3769282 scontext=user_u:user_r:user_mozilla_t
tcontext=system_u:object_r:user_home_t tclass=file



Version-Release number of selected component (if applicable):
policycoreutils-1.15.5-1

How reproducible:
Always

Steps to Reproduce:
1. generate AVC with filename containing brace (e.g., use thunderbird
extensions)
2. run audit2allow on AVC
3.
    

Additional info:
Comment 1 Daniel Walsh 2004-08-25 13:48:51 EDT
Patch applied in upstream.

Note You need to log in before you can comment on or make changes to this bug.