[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] selinux-h: add stubs for selabel_open etc.

From: Paul Eggert
Subject: Re: [PATCH] selinux-h: add stubs for selabel_open etc.
Date: Sat, 21 Nov 2020 18:45:22 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.3.2

Yes, it's looking like great minds think alike.

The coreutils patch I had prepared is fancier than yours, though, as it caches the result of selabel_open and this should yield better performance.

I don't use SELinux either. From the look of the coreutils source it appears that the coreutils SELinux code has some issues (multiple FIXMEs and some other questionable stuff). I fixed one or two of the problems I found, but it would be better if someone who cares about SELinux would audit the coreutils SELinux code more carefully, as I'm pretty sure there are bugs in there, at least with respect to diagnostics that are not issued when they should be. Also, the attached patches could have introduced some bugs on SELinux.

At least these patches (which I just installed into coreutils) fix the broken build on Ubuntu 20.10 (also, on Solaris 10, which I found while doing a porting test of all this stuff).

Attachment: 0001-build-update-gnulib-submodule-to-latest.patch
Description: Text Data

Attachment: 0002-build-port-to-Solaris-10.patch
Description: Text Data

Attachment: 0003-maint-port-from-matchpathcon-to-selabel_lookup.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]