--- Al Viro <[EMAIL PROTECTED]> wrote:
> On Sat, Oct 27, 2007 at 11:01:12AM +0200, Ahmed S. Darwish wrote:
> > The problem here (As discussed in private mails) is that the for loop
> > assumes that the beginning of given user-space buffer is the beginning
> > of a rule. This leads to situations where the rule becomes "ecret 20",
> > or "cret 20" instead of "Secret 20". Big input buffers/files leads
> > smack to recieve a rule like "Secret 20" in fragmented chunks like:
> >
> > write("<lots of rules before ours>\nSec", ..)
> > write("r", 1, ..)
> > write("et 20\n<remaing rules after ours>", ..)
> >
> > Parsing a rule in such tough conditions in _kernel space_ is very
> > hard. I began to feel that it will be much easier if we do the parsing
> > in a userspace utility and let smack accept only small buffers (80 char).
>
> For crying out louf, all it takes is a finite state machine... BTW, folks,
> your parser *and* input language suck. Really. Silently allowing noise
> is Dumb(tm).
I was planning to patient Dumb, but if you've already got a copywrite
on it I'll have to go a different route. Carp.
> Please, write the grammar down and _follow_ _it_.
Good idea. I'll do it.
> ...
>
> Come on, people, this is ridiculous - why bother reinventing the wheels for
> the stuff that belongs to exercises halfway through any self-respecting
> introductory textbook? Scary parser, my arse...
That code is in need of cleansing. With bleach. Yes, it's on my list.
I managed to get my virtual disk back, found how I messed up on v9,
and now have a (long) list of improvements and fixes.
No rest for the wicked.
Casey Schaufler
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
