# Copyright 2015, Tresys Technology, LLC
# Copyright 2018, Chris PeBenito <pebenito@ieee.org>
#
# This file is part of SETools.
#
# SETools is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation, either version 2.1 of
# the License, or (at your option) any later version.
#
# SETools is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with SETools. If not, see
# <http://www.gnu.org/licenses/>.
#
from collections import defaultdict, namedtuple
from contextlib import suppress
from ..exception import NoCommon
from .descriptors import DiffResultDescriptor
from .difference import Difference, SymbolWrapper
# Result record stored per modified class by ObjClassDifference.diff_classes:
# the permissions added, removed and left unchanged between the two policies.
modified_classes_record = namedtuple(
    "modified_class",
    ("added_perms", "removed_perms", "matched_perms"),
)

# Wrapper cache filled by class_wrapper_factory: policy -> {class -> SymbolWrapper}.
# NOTE(review): this is module-level and nothing in this file evicts entries,
# so every policy and class used as a key stays referenced for the life of
# the process -- confirm that is acceptable for long-running callers.
_class_cache = defaultdict(dict)
def class_wrapper_factory(class_):
    """
    Return the SymbolWrapper for an object class, creating it on first use.

    Wrappers are cached in _class_cache, keyed first by the class's
    policy and then by the class itself, so repeated calls for the same
    class hand back the same wrapper object instead of allocating
    duplicates.

    NOTE(review): diff_classes in this file builds SymbolWrapper objects
    directly rather than calling this factory -- confirm which callers
    rely on the cache.
    """
    try:
        # The outer defaultdict never raises for a new policy; KeyError here
        # means this class has not been wrapped yet for that policy.
        wrapped = _class_cache[class_.policy][class_]
    except KeyError:
        wrapped = SymbolWrapper(class_)
        _class_cache[class_.policy][class_] = wrapped

    return wrapped
class ObjClassDifference(Difference):

    """
    Compute the object class differences between two policies.

    Results are exposed as three attributes:
      added_classes     classes reported as added by _set_diff
      removed_classes   classes reported as removed by _set_diff
      modified_classes  dict of class -> modified_classes_record for
                        classes present in both policies whose
                        permission sets differ

    Permissions are compared after expanding the inherited common, so a
    permission that moves between a class and its common is not reported
    as a change.  Permission changes are the only criterion used here to
    mark a class as modified.
    """

    # All three results are tied to diff_classes by name.
    # NOTE(review): presumably the descriptor runs diff_classes on first
    # access -- confirm in the descriptors module.
    added_classes = DiffResultDescriptor("diff_classes")
    removed_classes = DiffResultDescriptor("diff_classes")
    modified_classes = DiffResultDescriptor("diff_classes")

    def diff_classes(self):
        """Populate the added, removed and modified class results."""

        self.log.info(
            "Generating class differences from {0.left_policy} to {0.right_policy}".format(self))

        left_wrapped = (SymbolWrapper(c) for c in self.left_policy.classes())
        right_wrapped = (SymbolWrapper(c) for c in self.right_policy.classes())
        self.added_classes, self.removed_classes, matched_classes = self._set_diff(
            left_wrapped, right_wrapped)

        self.modified_classes = {}

        for left_class, right_class in matched_classes:
            # Criteria for modified classes
            # 1. change to permissions (inherited common is expanded)
            expanded = []
            for side in (left_class, right_class):
                perms = side.perms
                # A class with no common raises NoCommon; its own
                # permissions are then used unchanged.
                # NOTE(review): `|=` updates in place when perms is a
                # mutable set -- confirm the perms attribute returns a
                # fresh or immutable set, otherwise the class object's
                # own permission set is widened by this diff.
                with suppress(NoCommon):
                    perms |= side.common.perms
                expanded.append(perms)

            # NOTE(review): unwrap=False presumably keeps the permission
            # values as passed in -- confirm against Difference._set_diff.
            added_perms, removed_perms, matched_perms = self._set_diff(
                *expanded, unwrap=False)

            # Record only classes whose permission sets actually differ.
            if added_perms or removed_perms:
                self.modified_classes[left_class] = modified_classes_record(
                    added_perms, removed_perms, matched_perms)

    #
    # Internal functions
    #
    def _reset_diff(self):
        """Clear the stored class diff results; used when the policies change."""
        self.log.debug("Resetting object class differences")
        self.added_classes = self.removed_classes = self.modified_classes = None