[apparmor] [patch 12/12] split accept perm processing from rule parsing
Steve Beattie
steve at nxnw.org
Wed Aug 20 08:18:53 UTC 2014
On Fri, Aug 15, 2014 at 12:20:47PM -0700, john.johansen at canonical.com wrote:
> Signed-off-by: John Johansen <john.johansen at canonical.com>
Acked-by: Steve Beattie <steve at nxnw.org>
> + /*
> + * Check if we have an expression with or without wildcards. This
> + * determines how exec modifiers are merged in accept_perms() based
> + * on how we split permission bitmasks here.
> + */
> + exact_match = 1;
> + for (depth_first_traversal i(tree); i && exact_match; i++) {
> + if (dynamic_cast<StarNode *>(*i) ||
> + dynamic_cast<PlusNode *>(*i) ||
> + dynamic_cast<AnyCharNode *>(*i) ||
> + dynamic_cast<CharSetNode *>(*i) ||
> + dynamic_cast<NotCharSetNode *>(*i))
> + exact_match = 0;
> + }
One of these days I'll get around to pushing an is_exact_match()
method into each of the Node classes so that all the dynamic_casts
don't need to occur while walking the tree. Or maybe someone else will,
which would be great, too.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140820/0368947b/attachment.pgp>
More information about the AppArmor
mailing list