mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 22:05:27 +00:00
Code Issues Releases Wiki Activity

Add option to force that read implies exec from user side.

Browse Source
This commit is contained in:
John Johansen
2009-06-10 15:37:27 +00:00
parent b240be37cc
commit 5998357682
3 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
parser/parser_misc.c
View File

@@ -467,8 +467,12 @@ static int parse_sub_mode(const char *str_mode, const char *mode_desc)
reeval:
switch (this) {
case COD_READ_CHAR:
PDEBUG("Parsing mode: found %s READ\n", mode_desc);
mode |= AA_MAY_READ;
if (read_implies_exec) {
PDEBUG("Parsing mode: found %s READ imply X\n", mode_desc); mode |= AA_MAY_READ | AA_EXEC_MMAP;
} else {
PDEBUG("Parsing mode: found %s READ\n", mode_desc);
mode |= AA_MAY_READ;
}
break;
case COD_WRITE_CHAR: