touch-packages team mailing list archive

Thread
Date
[Bug 1310598] Re: AppArmor python tools fail to parse mounts with UTF-8 non-ascii characters

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Zakhar <1310598@xxxxxxxxxxxxxxxxxx>
Date: Mon, 02 Mar 2015 20:21:19 -0000
Reply-to: Bug 1310598 <1310598@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Thanks Christian for the heavy lifting on the mailinglist and bzr.

I didn't understand, on the FAQ, about yielding permissions to Canonical. Is that about proposing patches on Launchpad itself, or does it also apply for projects hosted on launchpad.
Anyway, to whomever, Canonical or "upstream team" for aa-status, I grant all rights for that patch... and as a courtesy, as far as possible, I'll appreciate to be listed under the contributors *Alain BENEDETTI* (if there is such list of contributors for this project).

I'm also very sorry, I see that the launchpad munched the Python
indentation in my diff quote. If you need a cleaner diff, I'll be glad
to attach it, but I'm assuming you corrected the wrong indentations from
the post above!


For the record I did also try to correct applying a locale. That is impractical because when aa-status is run first, from the apparmor script in the init.d, the environment has no locale. When you run it later, once connected to a session, that works because it then gets the locale of the session, which is generally UTF-8.
After further reading, I saw that the kernel considered mountpoints as binary strings, thus I did accordingly.

I also tested "security tricks", like naming a directory: "pwned securityfs" with a "space" (ASCII 0x20) in the name, which is totally legal, and same for "\n" which is also legal in paths!
Fortunately, that does break aa-status, because in such cases the kernel "escapes" the names, and you would get:
"pwned\040securityfs"... so all seems safe for security, even if you try fancy mountpoints!

(otherwise I would have opened another undisclosed ticket)

Regards.
Alain

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1310598

Title:
  AppArmor python tools fail to parse mounts with UTF-8 non-ascii
  characters

Status in AppArmor Linux application security framework:
  Triaged
Status in apparmor package in Ubuntu:
  Triaged

Bug description:
  Version:
  14.04 Fresh Install.

  $ uname -a
  Linux alain-Desktop 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

  
  AppArmor crashes with this stack trace:

  PythonArgs: ['/usr/sbin/aa-status']
  Traceback:
   Traceback (most recent call last):
     File "/usr/sbin/aa-status", line 194, in <module>
       commands[cmd]()
     File "/usr/sbin/aa-status", line 17, in cmd_enabled
       if get_profiles() == {}:
     File "/usr/sbin/aa-status", line 82, in get_profiles
       apparmorfs = find_apparmorfs()
     File "/usr/sbin/aa-status", line 137, in find_apparmorfs
       for p in open("/proc/mounts").readlines():
     File "/usr/lib/python3.4/encodings/ascii.py", line 26, in decode
       return codecs.ascii_decode(input, self.errors)[0]
   UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 1200: ordinal not in range(128)

  
  That is because I have a UTF-8 non-Ascii character in one of my mounts:
  $ mount
  /dev/sdb1 on / type ext4 (rw,errors=remount-ro)
  proc on /proc type proc (rw,noexec,nosuid,nodev)
  sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)

  (...)
  /dev/sda6 on /home/alain/Vidéos type ext4 (rw,relatime,errors=remount-ro)
  (...)


  
  The Python code of aastatus near line 135 shows:

  def find_apparmorfs():
      '''Finds AppArmor mount point'''
      for p in open("/proc/mounts").readlines():
          if p.split()[2] == "securityfs" and \
             os.path.exists(os.path.join(p.split()[1], "apparmor")):
              return os.path.join(p.split()[1], "apparmor")
      return False


  So if I do:
  $ cat /proc/mounts
  rootfs / rootfs rw 0 0
  sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0

  (...) 
  /dev/sda6 /home/alain/Vidéos ext4 rw,relatime,errors=remount-ro,data=ordered 0 0
  (...)

  There is indeed a line with a 'é'

  UTF-8 code of the 'é' is 0xC3 0xA9

  But apparently the call to .readlines() is set as ASCII and hence does
  NOT support the 0xC3 (first byte of the 'é' in UTF-8) and then it
  crashes.

  I assume the solution could be to correctly read as UTF-8 as there are
  some non-Americans/English out there!

  Sorry my knowledge of Python is just enough to understand the bug, and
  not enough to submit a patch.

  Regards.
  Alain

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1310598/+subscriptions