On Tue, 2008-05-20 at 16:08 -0400, Stephen Smalley wrote:
Use non-auditing forms of the permission checks as getxattr may be called by unprivileged processes commonly and lack of permission just means that we fall back to the in-core context value, not a denial.
If we do put this on list, lets make this an in code comment so its easy to remember in another 100 years when the next poor sap has to figure out what I am doing these days :)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 4be1563..fe4f9ad 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2765,12 +2765,24 @@ static int selinux_inode_getsecurity(const struct inode *inode, const char *name u32 size; int error; char *context = NULL;
struct task_security_struct *tsec = current->security; struct inode_security_struct *isec = inode->i_security;
if (strcmp(name, XATTR_SELINUX_SUFFIX)) return -EOPNOTSUPP;
- error = security_sid_to_context(isec->sid, &context, &size);
- error = secondary_ops->capable(current, CAP_MAC_ADMIN);
- if (!error)
error = avc_has_perm_noaudit(tsec->sid, tsec->sid,
SECCLASS_CAPABILITY2,
CAPABILITY2__MAC_ADMIN,
0,
NULL);
- if (!error)
error = security_sid_to_context_force(isec->sid, &context,
&size);
- else
if (error) return error; error = size;error = security_sid_to_context(isec->sid, &context, &size);