Hi,
After getting comfortable with mod_apparmor and slowly migrating sites to it,
I'm seeing some weird audit logs from the HANDLING_UNTRUSTED_INPUT hat on a
virtual host. The weird entries all have this form:
apparmor="DENIED" operation=“file_perm"
profile="/usr/sbin/apache2//HANDLING_UNTR
Hello,
just in case you want to do a 8/7 ;-) patch:
With 7/7 applied, we have this interesting[tm] line:
B = [ I ... ] [ I ... ] ( '"'
I '"' | I ) [ 'flags=(complain)' ]'{' [ ( I | I | I | I | I |
I | I | I | I |
I | I | I | I |
I) ... ] '}'
It would be more readable if we split out the inn
Hello,
Am Samstag, 21. März 2015 schrieb John Johansen:
> buglink: https://launchpad.net/bugs/1429202
>
> Signed-off-by: John Johansen
> ---
> parser/apparmor.d.pod | 35 ++-
> 1 file changed, 34 insertions(+), 1 deletion(-)
>
> diff --git a/parser/apparmor.d.po
Hello,
Am Samstag, 21. März 2015 schrieb John Johansen:
> Refactor FILEGLOB so that it means both quoted and unquoted file
> globs.
>
> Also
> FILEGLOB was uncorrectly referenced in a few places where it should
> have allowed for quoting.
>
> There were also a few places that provided a paramete
Hello,
Am Samstag, 21. März 2015 schrieb John Johansen:
> Add miss ix and ux fallback permission modes, named profile
> transitions. Also fix the file access modes and rule pattern to
> properly reflect what is allowed.
>
> Signed-off-by: John Johansen
> ---
> parser/apparmor.d.pod | 98
> +
Hello,
Am Samstag, 21. März 2015 schrieb John Johansen:
> Signed-off-by: John Johansen
> ---
> parser/apparmor.d.pod | 42 +-
> 1 file changed, 41 insertions(+), 1 deletion(-)
>
> diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
> index f54d450..
Update the file rule pattern to show it is possible to specify a bare
file rule. Eg.
file,
Signed-off-by: John Johansen
Acked-by: Christian Boltz
---
parser/apparmor.d.pod | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
index
Signed-off-by: John Johansen
Acked-by: Christian Boltz
---
parser/apparmor.d.pod | 50 +-
1 file changed, 45 insertions(+), 5 deletions(-)
diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
index 661d924..10808c9 100644
--- a/parser/apparm
buglink: https://launchpad.net/bugs/1429202
Signed-off-by: John Johansen
---
parser/apparmor.d.pod | 35 ++-
1 file changed, 34 insertions(+), 1 deletion(-)
diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
index a6fdb9a..7c65e5d 100644
--- a/parser/appa
Refactor FILEGLOB so that it means both quoted and unquoted file globs.
Also
FILEGLOB was uncorrectly referenced in a few places where it should have
allowed for quoting.
There were also a few places that provided a parameter description with
FILEGLOB without defining that that is full equivalent
- applied Christian's suggested changes
- expanded some of the explanations
- add FILEGLOB consolidation patch
- add basic rlimit documentation
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
Signed-off-by: John Johansen
Acked-by: Christian Boltz
---
parser/apparmor.d.pod | 15 ++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
index 5c97896..661d924 100644
--- a/parser/apparmor.d.pod
+++ b/parser/apparmor.d.pod
Signed-off-by: John Johansen
---
parser/apparmor.d.pod | 42 +-
1 file changed, 41 insertions(+), 1 deletion(-)
diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
index f54d450..ebc6490 100644
--- a/parser/apparmor.d.pod
+++ b/parser/apparmor.d.pod
Add miss ix and ux fallback permission modes, named profile transitions.
Also fix the file access modes and rule pattern to properly reflect
what is allowed.
Signed-off-by: John Johansen
---
parser/apparmor.d.pod | 98 ++-
1 file changed, 89 insert
On 03/20/2015 12:06 PM, Christian Boltz wrote:
> Hello,
>
> Am Freitag, 20. März 2015 schrieb John Johansen:
>> Signed-off-by: John Johansen
>> ---
>> parser/apparmor.d.pod | 27 +--
>> 1 file changed, 25 insertions(+), 2 deletions(-)
>>
>> diff --git a/parser/apparmor.d.
On 03/20/2015 05:53 AM, Christian Boltz wrote:
> Hello,
>
> Am Freitag, 20. März 2015 schrieb John Johansen:
>> Signed-off-by: John Johansen
>> ---
>> parser/apparmor.d.pod | 22 +-
>> 1 file changed, 21 insertions(+), 1 deletion(-)
>>
>> diff --git a/parser/apparmor.d.pod b/
On 03/20/2015 11:23 AM, Christian Boltz wrote:
> Hallo Leute,
>
> Am Freitag, 20. März 2015 schrieb John Johansen:
>> Add miss ix and ux fallback permission modes, named profile
>> transitions. Also fix the file access modes and rule pattern to
>> properly reflect what is allowed.
>>
>> Signed-off
17 matches
Mail list logo