| 193 |
@ Fix handling of trailing '\*' in PathMatchesToPattern(). |
@ Fix handling of trailing '\*' in PathMatchesToPattern(). |
| 194 |
|
|
| 195 |
PathMatchesToPattern("/tmp/", "/tmp/\*") returned true |
PathMatchesToPattern("/tmp/", "/tmp/\*") returned true |
| 196 |
because "\*" matches to "more than or equals to 0 character |
because "\*" matches "zero or more repetitions of characters |
| 197 |
until '/' or end". But since this is a comparison between |
until '/' or end". But since this is a comparison between |
| 198 |
directory and non-directory, this should not match. |
directory and non-directory, this should not match. |
| 199 |
|
|
| 404 |
|
|
| 405 |
@ Change behavior of pathname pattern matching. |
@ Change behavior of pathname pattern matching. |
| 406 |
|
|
| 407 |
Until now, it was impossible to use patterns like "\*.txt" |
Until now, it was impossible to use patterns like "\*.txt" because |
| 408 |
because "\*" matched to more than 0 characters until next '/'. |
"\*" matched zero or more repetitions of characters until next '/'. |
| 409 |
Now, "\*" matches to more than 0 characters. |
Now, "\*" matches zero or more repetitions of characters. |
| 410 |
|
|
| 411 |
Until now, it was impossible to use patterns like "\$00" |
Until now, it was impossible to use patterns like "\$00" |
| 412 |
because "\$" matched to more than 1 digits until next |
because "\$" matched one or more repetitions of digits until next |
| 413 |
non digit character. |
non digit character. |
| 414 |
Now, "\$" matches to more than 1 digits. |
Now, "\$" matches one or more repetitions of digits. |
| 415 |
|
|
| 416 |
Also, new patterns "\x" "\X" "\a" "\A" "\@" are added. |
Also, new patterns "\x" "\X" "\a" "\A" "\@" are added. |
| 417 |
|
|
| 428 |
|
|
| 429 |
@ Change matching rule for CheckFileACL(). |
@ Change matching rule for CheckFileACL(). |
| 430 |
|
|
| 431 |
Until now, only first entry that matched to the requested pathname |
Until now, only first entry that matched the requested pathname |
| 432 |
was used for permission checking. For example, two entries |
was used for permission checking. For example, two entries |
| 433 |
|
|
| 434 |
"2 /tmp/file-\$.txt" |
"2 /tmp/file-\$.txt" |
| 444 |
This may potentially cause trouble because the result of |
This may potentially cause trouble because the result of |
| 445 |
permission checks depends on the order of entries. |
permission checks depends on the order of entries. |
| 446 |
|
|
| 447 |
Now, all entries that matched to the requested pathname |
Now, all entries that matched the requested pathname |
| 448 |
are used for permission checking so that the result of |
are used for permission checking so that the result of |
| 449 |
permission checks doesn't depend on the order of entries. |
permission checks doesn't depend on the order of entries. |
| 450 |
|
|
| 492 |
"6 /home/\*/\* if task.uid=path1.uid" |
"6 /home/\*/\* if task.uid=path1.uid" |
| 493 |
|
|
| 494 |
allows the domain to read-write user's home directory |
allows the domain to read-write user's home directory |
| 495 |
only when the file's owner matches to the process's uid. |
only when the file's owner matches the process's uid. |
| 496 |
|
|
| 497 |
Fix 2006/08/22 |
Fix 2006/08/22 |
| 498 |
|
|
| 758 |
if /some/program is called from "some_domain" domain. |
if /some/program is called from "some_domain" domain. |
| 759 |
|
|
| 760 |
"some_domain" can be just the last component of domainname. |
"some_domain" can be just the last component of domainname. |
| 761 |
For example, giving "/bin/mail" as "some_domain" matches to |
For example, giving "/bin/mail" as "some_domain" matches |
| 762 |
all domains whose domainname ends with "/bin/mail". |
all domains whose domainname ends with "/bin/mail". |
| 763 |
|
|
| 764 |
Fix 2007/01/19 |
Fix 2007/01/19 |
TOMOYO
Parent Directory
Revision Log
Patch