Re: CVS commit: src/bin/systrace

To: Elad Efrat <elad%NetBSD.org@localhost>
Subject: Re: CVS commit: src/bin/systrace
From: Niels Provos <provos%citi.umich.edu@localhost>
Date: Wed, 10 Aug 2005 23:51:08 -0400

Well, the man pages says:

        inpath   Evaluates to true if the system call argument is a subpath of
                 cmdstring.

subpath is to be interpreted as subset.  So, any path that is covered by
cmdstring would make inpath evaluate to true.

Please fix.  This is going to screw up all people who have working systrace
policies using inpath at the moment.  For the effect that you want, it's
easy to use a regular expression:

  filename re "^/usr/some/path/.*"

Niels.

On Wed, Aug 10, 2005 at 10:39:51PM +0300, Elad Efrat wrote:
> Niels Provos wrote:
> 
> >then inpath "/usr/home/elad" matches
> >
> >  cd "/usr/home/elad"
> >  cd "/usr/home"
> >  cd "/usr"
> >  cd "/"
> 
> From the manual, I was under the impression that inpath is used to
> evaluate subdirs, so that inpath "/usr/home/elad" should match
> anything in that directory and below:
> 
>       cd "/usr/home/elad/foo"
>       cd "/usr/home/elad/bar"
> 
> ...or, at least, that what seems logical given the name "inpath"
> and the explanation in systrace(1).
> 
> -e.
> 
> -- 
> Elad Efrat
> PGP Key ID: 0x666EB914

References:
- CVS commit: src/bin/systrace
  - From: Elad Efrat
- Re: CVS commit: src/bin/systrace
  - From: Niels Provos
- Re: CVS commit: src/bin/systrace
  - From: Elad Efrat

Prev by Date: CVS commit: src/bin/systrace
Next by Date: CVS commit: src/share/man/man9
Previous by Thread: Re: CVS commit: src/bin/systrace
Next by Thread: CVS commit: src/share/man/man4
Indexes:

Home | Main Index | Thread Index | Old Index