On Mon, Jul 01, 2013 at 05:15:07PM -0500, Jamie Strandboge wrote: > + def set_template(self, template, allow_abs_path=True): > '''Set current template''' > self.template = template > + if "../" in template: > + raise AppArmorException('template "%s" contains "../" escape > path' % (template)) > + if template.startswith('/'): > + if not allow_abs_path: > + raise AppArmorException("Cannot use an absolute path > template '%s'" % template) > + else: > self.template = os.path.join(self.dirs['templates'], template) > if not os.path.exists(self.template): > raise AppArmorException('%s does not exist' % (self.template))
There's a race condition here; well, maybe not -race-, but self.template is updated before the sanity checks are performed. If either of those exceptions gets ignored in callers, the template is set to unsafe values. Thanks
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor