selinux/libselinux/man
Christian Göttsche a782abf226 libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon
Operating on a file descriptor avoids TOCTOU issues and one opened via
O_PATH avoids the requirement of having read access to the file.  Since
Linux does not natively support file descriptors opened via O_PATH in
fgetxattr(2) and at least glibc and musl do not emulate O_PATH support
in their implementations, fgetfilecon(3) and fsetfilecon(3) also do not
currently support file descriptors opened with O_PATH.

Inspired by CVE-2013-4392: https://github.com/systemd/systemd/pull/8583
Implementation adapted from: 2825f10b7f%5E%21/

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
2022-05-16 10:21:47 -04:00
man3 libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon 2022-05-16 10:21:47 -04:00
man5 selinux(8,5): Describe fcontext regular expressions 2021-02-19 15:18:05 +01:00
man8 selinux.8: document how mount flag nosuid affects SELinux 2021-06-18 16:44:50 +02:00
ru libselinux: Fix Ru translation of failsafe context 2020-02-21 09:12:23 +01:00
Makefile Allow installing translated man pages 2019-01-28 12:03:57 +01:00