| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1519800427.32465.22.camel@intel.com>
Date: Wed, 28 Feb 2018 06:47:07 +0000
From: "Zhang, Ning A" <ning.a.zhang@...el.com>
To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: maybe a bug in SELinux: security_context_to_sid_core
Hi,
Before SELinux is initialized, get scontext by secid by using:
security_secctx_to_secid() may return wrong numbe
eg:
security_secctx_to_secid("devnull", strlen("devnull"), &sid);
sid here will be 1
because:
in security_context_to_sid_core:
...
if (!ss_initialized) {
int i;
for (i = 1; i < SECINITSID_NUM; i++) {
if (!strcmp(initial_sid_to_string[i],
scontext)) {
*sid = i;
return 0;
}
}
*sid = SECINITSID_KERNEL;
return 0;
}
...
and SECINITSID_DEVNULL equals to SECINITSID_NUM, and it will never get
right secid for "devnull".
is this by design or bug?
BR.
Ning.
Powered by blists - more mailing lists