Message-ID: <1520561275.1367.10.camel@intel.com>
Date: Fri, 9 Mar 2018 02:07:56 +0000
From: "Zhang, Ning A" <ning.a.zhang@...el.com>
To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"Roberts, William C" <william.c.roberts@...el.com>
Subject: Re: maybe a bug in SELinux: security_context_to_sid_core

Hi, Bill

For the SELinux behavior below, do you know why?

BR.
Ning.

On Wed, 2018-02-28 at 14:47 +0800, Zhang Ning wrote:
> Hi,
>
> Before SELinux is initialized, get scontext by secid by using:
>
> security_secctx_to_secid() may return wrong number
>
> eg:
> security_secctx_to_secid("devnull", strlen("devnull"), &sid);
>
> sid here will be 1
>
> because:
>
> in security_context_to_sid_core:
>
> ...
> 	if (!ss_initialized) {
> 		int i;
>
> 		for (i = 1; i < SECINITSID_NUM; i++) {
> 			if (!strcmp(initial_sid_to_string[i],
> 				    scontext)) {
> 				*sid = i;
> 				return 0;
> 			}
> 		}
> 		*sid = SECINITSID_KERNEL;
> 		return 0;
> 	}
> ...
>
> and SECINITSID_DEVNULL is equal to SECINITSID_NUM, and it will never get
> the right secid for "devnull".
>
> Is this by design or a bug?
>
> BR.
> Ning.
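
The loop-bound behaviour described in the quoted report, as an added example that is not part of the original message and is not kernel code. The table, the DEMO_* constants and both function names are constructed for illustration; the only assumption carried over is the report's statement that the last initial SID has the same value as the count constant.

```c
#include <stdio.h>
#include <string.h>

/* Constructed, shortened stand-in for the initial SID table.
 * Assumption from the report: the last entry's index equals DEMO_SID_NUM. */
enum { DEMO_SID_KERNEL = 1, DEMO_SID_DEVNULL = 4, DEMO_SID_NUM = 4 };

static const char *const demo_sid_to_string[DEMO_SID_NUM + 1] = {
    "null", "kernel", "security", "unlabeled", "devnull",
};

/* Same loop shape as the quoted excerpt: exclusive bound, silent fallback. */
static int lookup_exclusive(const char *scontext, unsigned int *sid)
{
    int i;

    for (i = 1; i < DEMO_SID_NUM; i++) {
        if (!strcmp(demo_sid_to_string[i], scontext)) {
            *sid = i;
            return 0;
        }
    }
    *sid = DEMO_SID_KERNEL;   /* unmatched names are reported as "kernel" */
    return 0;
}

/* Variant for comparison: inclusive bound, and an error instead of a default. */
static int lookup_inclusive(const char *scontext, unsigned int *sid)
{
    int i;

    for (i = 1; i <= DEMO_SID_NUM; i++) {
        if (!strcmp(demo_sid_to_string[i], scontext)) {
            *sid = i;
            return 0;
        }
    }
    return -1;                /* caller can tell "no match" from "kernel" */
}

int main(void)
{
    unsigned int a = 0, b = 0;

    lookup_exclusive("devnull", &a);
    lookup_inclusive("devnull", &b);
    printf("exclusive bound: %u, inclusive bound: %u\n", a, b);
    return 0;
}
```

With the exclusive bound, the last table entry is never compared, and because the fallback also returns 0 the caller cannot distinguish that case from a real match on "kernel".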