New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"yes to all" does nothing on qrexec service call with specific argument #2403
Comments
Automated announcement from builder-github The package
|
I think this fix is wrong. I have detailed what I think the error is here, as well as an outline of what should be done instead: marmarek/qubes-core-admin-linux@1dff636#commitcomment-19626640 |
As discussed below the commit, copying generic policy to the argument specific one, at the time of first "yes to all" isn't the best idea. Better would be including generic one from specific one. But this must be done explicitly to avoid unwanted side effects. Assumptions and constrains
Proposal 1Add Proposal 2Similar to "Proposal 1", but without implicit deny at the end of included file. On the one hand it will be more flexible, but on the other hand it makes the file have implicit deny and sometime have not, depending on how the file is loaded. This somehow violates requirement no 2. But at the same time, it's better match for keyword |
Cool! I'll take a look at this again when I wake up.
|
Automated announcement from builder-github The package
Or update dom0 via Qubes Manager. |
This issue is being closed because:
If anyone believes that this issue should be reopened, please let us know in a comment here. |
Qubes OS version (e.g.,
R3.1
):R3.2
Expected behavior:
"always allow" permission is saved for this particular service argument
Actual behavior:
Nothing happens.
Steps to reproduce the behavior:
Call a service with some argument.
General notes:
Reported by @Rudd-O
The text was updated successfully, but these errors were encountered: