selinux/libselinux
Richard Haines 34d9c258da libselinux: mapping fix for invalid class/perms after selinux_set_mapping call
Please find another libselinux patch. I've tested quite extensively with the compute_av and string functions with and without mapping and seems okay.

The patch covers:
When selinux_set_mapping(3) is used to set the class and permissions allowed by an object manager, then an invalid class and/or permissions are selected (e.g. using security_class_to_string), then mapping.c in libselinux forces an assert. This patch removes the asserts and allows the functions to return a class/perm of 0 (unknown) with errno set to EINVAL. A minor patch to set EINVAL in security_av_perm_to_string_compat is also included. All the functions to convert perms & classes to strings and back should now return the correct errno with or without mapping enabled.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2011-08-11 23:35:52 -04:00
..
include This patch adds a new subs_dist file. 2011-04-08 10:28:02 -04:00
man libselinux: new setexecon utility 2011-08-02 13:33:35 -04:00
src libselinux: mapping fix for invalid class/perms after selinux_set_mapping call 2011-08-11 23:35:52 -04:00
utils libselinux: resolv symlinks and dot directories before matching paths 2011-08-11 23:35:48 -04:00
ChangeLog update repo for 2011-08-03 with version and changelog updates 2011-08-03 18:09:02 -04:00
LICENSE initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
VERSION update repo for 2011-08-03 with version and changelog updates 2011-08-03 18:09:02 -04:00