[apparmor] [PATCH 1/5] parser: Add dbus eavesdrop permission support to apparmor_parser
Seth Arnold
seth.arnold at canonical.com
Wed Nov 20 19:09:49 UTC 2013
On Wed, Nov 20, 2013 at 07:24:12AM -0800, Tyler Hicks wrote:
> > > @@ -50,6 +50,7 @@ __BEGIN_DECLS
> > >
> > > #define AA_DBUS_SEND AA_MAY_WRITE
> > > #define AA_DBUS_RECEIVE AA_MAY_READ
> > > +#define AA_DBUS_EAVESDROP (1 << 5)
> > > #define AA_DBUS_BIND AA_MAY_BIND
> >
> > I'd rather this use AA_MAY_LOCK; if it is going to shadow the value, I
> > think it should be done explicitly, as the other three are.
>
> I agree that this needs some cleanup. I'm not sure that I agree that it
> should use AA_MAY_LOCK.
Well, I had a tear in my eye when I suggested it -- C's type system is not
really helping us here. Ideally, we'd have different enum types and the
compiler wouldn't let us screw up which ones we use where. But that's not
C.
I believe we need -some- way to keep track of what duplication we have in
our magic values, and outright naming them after each other seems the
easiest way to get there.
But I look forward to something better. :)
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20131120/9f5ded5b/attachment.pgp>
More information about the AppArmor
mailing list