* [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398)
@ 2021-07-30 11:52 Petr Lautrbach
2021-07-30 14:23 ` James Carter
0 siblings, 1 reply; 3+ messages in thread
From: Petr Lautrbach @ 2021-07-30 11:52 UTC (permalink / raw)
To: selinux; +Cc: Petr Lautrbach
Fixes:
Error: COPY_PASTE_ERROR (CWE-398): [#def3]
selinux/python/sepolicy/sepolicy/__init__.py:1032: original: ""_key_t"" looks like the original copy.
selinux/python/sepolicy/sepolicy/__init__.py:1035: copy_paste_error: ""_key_t"" looks like a copy-paste error.
selinux/python/sepolicy/sepolicy/__init__.py:1035: remediation: Should it say ""_secret_t"" instead?
# 1033|
# 1034| if f.endswith("_secret_t"):
# 1035|-> return txt + "treat the files as %s secret data." % prettyprint(f, "_key_t")
# 1036|
# 1037| if f.endswith("_ra_t"):
Error: COPY_PASTE_ERROR (CWE-398): [#def4]
selinux/python/sepolicy/sepolicy/__init__.py:1065: original: ""_tmp_t"" looks like the original copy.
selinux/python/sepolicy/sepolicy/__init__.py:1067: copy_paste_error: ""_tmp_t"" looks like a copy-paste error.
selinux/python/sepolicy/sepolicy/__init__.py:1067: remediation: Should it say ""_etc_t"" instead?
# 1065| return txt + "store %s temporary files in the /tmp directories." % prettyprint(f, "_tmp_t")
# 1066| if f.endswith("_etc_t"):
# 1067|-> return txt + "store %s files in the /etc directories." % prettyprint(f, "_tmp_t")
# 1068| if f.endswith("_home_t"):
# 1069| return txt + "store %s files in the users home directory." % prettyprint(f, "_home_t")
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
---
python/sepolicy/sepolicy/__init__.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
index df773a6b314e..6b6160a449df 100644
--- a/python/sepolicy/sepolicy/__init__.py
+++ b/python/sepolicy/sepolicy/__init__.py
@@ -1039,7 +1039,7 @@ def get_description(f, markup=markup):
return txt + "treat the files as %s key data." % prettyprint(f, "_key_t")
if f.endswith("_secret_t"):
- return txt + "treat the files as %s secret data." % prettyprint(f, "_key_t")
+ return txt + "treat the files as %s secret data." % prettyprint(f, "_secret_t")
if f.endswith("_ra_t"):
return txt + "treat the files as %s read/append content." % prettyprint(f, "_ra_t")
@@ -1071,7 +1071,7 @@ def get_description(f, markup=markup):
if f.endswith("_tmp_t"):
return txt + "store %s temporary files in the /tmp directories." % prettyprint(f, "_tmp_t")
if f.endswith("_etc_t"):
- return txt + "store %s files in the /etc directories." % prettyprint(f, "_tmp_t")
+ return txt + "store %s files in the /etc directories." % prettyprint(f, "_etc_t")
if f.endswith("_home_t"):
return txt + "store %s files in the users home directory." % prettyprint(f, "_home_t")
if f.endswith("_tmpfs_t"):
--
2.32.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398)
2021-07-30 11:52 [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398) Petr Lautrbach
@ 2021-07-30 14:23 ` James Carter
2021-08-03 14:04 ` James Carter
0 siblings, 1 reply; 3+ messages in thread
From: James Carter @ 2021-07-30 14:23 UTC (permalink / raw)
To: Petr Lautrbach; +Cc: SElinux list
On Fri, Jul 30, 2021 at 7:55 AM Petr Lautrbach <plautrba@redhat.com> wrote:
>
> Fixes:
> Error: COPY_PASTE_ERROR (CWE-398): [#def3]
> selinux/python/sepolicy/sepolicy/__init__.py:1032: original: ""_key_t"" looks like the original copy.
> selinux/python/sepolicy/sepolicy/__init__.py:1035: copy_paste_error: ""_key_t"" looks like a copy-paste error.
> selinux/python/sepolicy/sepolicy/__init__.py:1035: remediation: Should it say ""_secret_t"" instead?
> # 1033|
> # 1034| if f.endswith("_secret_t"):
> # 1035|-> return txt + "treat the files as %s secret data." % prettyprint(f, "_key_t")
> # 1036|
> # 1037| if f.endswith("_ra_t"):
>
> Error: COPY_PASTE_ERROR (CWE-398): [#def4]
> selinux/python/sepolicy/sepolicy/__init__.py:1065: original: ""_tmp_t"" looks like the original copy.
> selinux/python/sepolicy/sepolicy/__init__.py:1067: copy_paste_error: ""_tmp_t"" looks like a copy-paste error.
> selinux/python/sepolicy/sepolicy/__init__.py:1067: remediation: Should it say ""_etc_t"" instead?
> # 1065| return txt + "store %s temporary files in the /tmp directories." % prettyprint(f, "_tmp_t")
> # 1066| if f.endswith("_etc_t"):
> # 1067|-> return txt + "store %s files in the /etc directories." % prettyprint(f, "_tmp_t")
> # 1068| if f.endswith("_home_t"):
> # 1069| return txt + "store %s files in the users home directory." % prettyprint(f, "_home_t")
>
> Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Acked-by: James Carter <jwcart2@gmail.com>
> ---
> python/sepolicy/sepolicy/__init__.py | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
> index df773a6b314e..6b6160a449df 100644
> --- a/python/sepolicy/sepolicy/__init__.py
> +++ b/python/sepolicy/sepolicy/__init__.py
> @@ -1039,7 +1039,7 @@ def get_description(f, markup=markup):
> return txt + "treat the files as %s key data." % prettyprint(f, "_key_t")
>
> if f.endswith("_secret_t"):
> - return txt + "treat the files as %s secret data." % prettyprint(f, "_key_t")
> + return txt + "treat the files as %s secret data." % prettyprint(f, "_secret_t")
>
> if f.endswith("_ra_t"):
> return txt + "treat the files as %s read/append content." % prettyprint(f, "_ra_t")
> @@ -1071,7 +1071,7 @@ def get_description(f, markup=markup):
> if f.endswith("_tmp_t"):
> return txt + "store %s temporary files in the /tmp directories." % prettyprint(f, "_tmp_t")
> if f.endswith("_etc_t"):
> - return txt + "store %s files in the /etc directories." % prettyprint(f, "_tmp_t")
> + return txt + "store %s files in the /etc directories." % prettyprint(f, "_etc_t")
> if f.endswith("_home_t"):
> return txt + "store %s files in the users home directory." % prettyprint(f, "_home_t")
> if f.endswith("_tmpfs_t"):
> --
> 2.32.0
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398)
2021-07-30 14:23 ` James Carter
@ 2021-08-03 14:04 ` James Carter
0 siblings, 0 replies; 3+ messages in thread
From: James Carter @ 2021-08-03 14:04 UTC (permalink / raw)
To: Petr Lautrbach; +Cc: SElinux list
On Fri, Jul 30, 2021 at 10:23 AM James Carter <jwcart2@gmail.com> wrote:
>
> On Fri, Jul 30, 2021 at 7:55 AM Petr Lautrbach <plautrba@redhat.com> wrote:
> >
> > Fixes:
> > Error: COPY_PASTE_ERROR (CWE-398): [#def3]
> > selinux/python/sepolicy/sepolicy/__init__.py:1032: original: ""_key_t"" looks like the original copy.
> > selinux/python/sepolicy/sepolicy/__init__.py:1035: copy_paste_error: ""_key_t"" looks like a copy-paste error.
> > selinux/python/sepolicy/sepolicy/__init__.py:1035: remediation: Should it say ""_secret_t"" instead?
> > # 1033|
> > # 1034| if f.endswith("_secret_t"):
> > # 1035|-> return txt + "treat the files as %s secret data." % prettyprint(f, "_key_t")
> > # 1036|
> > # 1037| if f.endswith("_ra_t"):
> >
> > Error: COPY_PASTE_ERROR (CWE-398): [#def4]
> > selinux/python/sepolicy/sepolicy/__init__.py:1065: original: ""_tmp_t"" looks like the original copy.
> > selinux/python/sepolicy/sepolicy/__init__.py:1067: copy_paste_error: ""_tmp_t"" looks like a copy-paste error.
> > selinux/python/sepolicy/sepolicy/__init__.py:1067: remediation: Should it say ""_etc_t"" instead?
> > # 1065| return txt + "store %s temporary files in the /tmp directories." % prettyprint(f, "_tmp_t")
> > # 1066| if f.endswith("_etc_t"):
> > # 1067|-> return txt + "store %s files in the /etc directories." % prettyprint(f, "_tmp_t")
> > # 1068| if f.endswith("_home_t"):
> > # 1069| return txt + "store %s files in the users home directory." % prettyprint(f, "_home_t")
> >
> > Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
>
> Acked-by: James Carter <jwcart2@gmail.com>
>
Merged.
Thanks,
Jim
> > ---
> > python/sepolicy/sepolicy/__init__.py | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
> > index df773a6b314e..6b6160a449df 100644
> > --- a/python/sepolicy/sepolicy/__init__.py
> > +++ b/python/sepolicy/sepolicy/__init__.py
> > @@ -1039,7 +1039,7 @@ def get_description(f, markup=markup):
> > return txt + "treat the files as %s key data." % prettyprint(f, "_key_t")
> >
> > if f.endswith("_secret_t"):
> > - return txt + "treat the files as %s secret data." % prettyprint(f, "_key_t")
> > + return txt + "treat the files as %s secret data." % prettyprint(f, "_secret_t")
> >
> > if f.endswith("_ra_t"):
> > return txt + "treat the files as %s read/append content." % prettyprint(f, "_ra_t")
> > @@ -1071,7 +1071,7 @@ def get_description(f, markup=markup):
> > if f.endswith("_tmp_t"):
> > return txt + "store %s temporary files in the /tmp directories." % prettyprint(f, "_tmp_t")
> > if f.endswith("_etc_t"):
> > - return txt + "store %s files in the /etc directories." % prettyprint(f, "_tmp_t")
> > + return txt + "store %s files in the /etc directories." % prettyprint(f, "_etc_t")
> > if f.endswith("_home_t"):
> > return txt + "store %s files in the users home directory." % prettyprint(f, "_home_t")
> > if f.endswith("_tmpfs_t"):
> > --
> > 2.32.0
> >
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-08-03 14:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-30 11:52 [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398) Petr Lautrbach
2021-07-30 14:23 ` James Carter
2021-08-03 14:04 ` James Carter
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.