Error out if the log contains an exec event for a directory

According to the discussion with John on IRC, exec log events for directories should never happen, therefore let handle_children() raise an exception. Acked-by: Kshitij Gupta <kgupta8592@gmail.com>
2025-08-29 21:38:15 +00:00 · 2016-02-10 19:13:51 +01:00 · 2016-02-10 19:13:51 +01:00 · c61a75c91a
commit c61a75c91a
parent 322c5f04f8
1 changed files with 1 additions and 2 deletions
--- a/utils/apparmor/aa.py
+++ b/utils/apparmor/aa.py
@ -1179,8 +1179,7 @@ def handle_children(profile, hat, root):

                if mode & str_to_mode('x'):
                    if os.path.isdir(exec_target):
-                        mode = mode - apparmor.aamode.ALL_AA_EXEC_TYPE
-                        mode = mode | str_to_mode('ix')
+                        raise AppArmorBug('exec permissions requested for directory %s. This should not happen - please open a bugreport!' % exec_target)
                    else:
                        do_execute = True