AppArmor require absolute paths

Fixes https://launchpad.net/bugs/460271

* src/security/virt-aa-helper.c: require absolute path for dynamic added
  files. This is required by AppArmor and conveniently prevents adding
  tcp consoles to the profile

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 116aef5c67a41eab95d7ebfbc634a507d3bcb22a..498979873450e395b0645cf33dc661684a2f4835 100644 (file)
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -517,6 +517,10 @@ valid_path(const char *path, const bool readonly)
     if (strchr(path, '"') != NULL)
         return 1;
 
+    /* Require an absolute path */
+    if (STRNEQLEN(path, "/", 1))
+        return 1;
+
     if (!virFileExists(path))
         vah_warning("path does not exist, skipping file type checks");
     else {
@@ -718,6 +722,16 @@ vah_add_file(virBufferPtr buf, const char *path, const char *perms)
     if (path == NULL)
         return rc;
 
+    /* Skip files without an absolute path. Not having one confuses the
+     * apparmor parser and this also ensures things like tcp consoles don't
+     * get added to the profile.
+     */
+    if (STRNEQLEN(path, "/", 1)) {
+        vah_warning(path);
+        vah_warning("  skipped non-absolute path");
+        return 0;
+    }
+
     if (virFileExists(path)) {
         if ((tmp = realpath(path, NULL)) == NULL) {
             vah_error(NULL, 0, path);