mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

parser: Fix MR625 to emit proc attr access for all situations

Browse Source 
MR625 fixed hats not emitting the rule to access the proc interface
needed for change_hat, but it broke the rule being emitted for the
parent (which used to work).

The proc attr access rule should be emitted for any profile that
is a hat OR any profile that contains hats.

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/626
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
2020-09-17 18:28:23 -07:00
parent 5b850c154f
commit 06d403bdac
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
parser/parser_policy.c
View File

@@ -205,7 +205,7 @@ static int profile_add_hat_rules(Profile *prof)
struct cod_entry *entry;
/* don't add hat rules if not hat or profile doesn't have hats */
if (!prof->flags.hat || !prof->hat_table.empty())
if (!prof->flags.hat && prof->hat_table.empty())
return 0;
/* add entry to hat */