lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 28 Feb 2018 06:47:07 +0000
From:   "Zhang, Ning A" <ning.a.zhang@...el.com>
To:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: maybe a bug in SELinux: security_context_to_sid_core

Hi,

Before SELinux is initialized, get scontext by secid by using:

security_secctx_to_secid() may return wrong numbe

eg:
security_secctx_to_secid("devnull", strlen("devnull"), &sid);

sid here will be 1

because:

in security_context_to_sid_core:

...
	if (!ss_initialized) {
		int i;

		for (i = 1; i < SECINITSID_NUM; i++) {
			if (!strcmp(initial_sid_to_string[i],
scontext)) {
				*sid = i;
				return 0;
			}
		}
		*sid = SECINITSID_KERNEL;
		return 0;
	}
...

and SECINITSID_DEVNULL equals to SECINITSID_NUM, and it will never get
right secid for "devnull".

is this by design or bug?

BR.
Ning.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ