RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-21 12:06:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
eee003f810
selinux/libsemanage
History
Petr Lautrbach eee003f810 libsemanage: Use umask(0077) for fopen() write operations 
When a calling process uses umask(0) some files in the SELinux module
store can be created to be world writeable. With this patch, libsemanage
sets umask(0077) before fopen() operations and restores the original
umask value when it's done.

Fixes:
drwx------. /var/lib/selinux/targeted/active
-rw-rw-rw-. /var/lib/selinux/targeted/active/booleans.local
-rw-rw-rw-. /var/lib/selinux/targeted/active/policy.linked
-rw-rw-rw-. /var/lib/selinux/targeted/active/seusers.local

drwx------. /var/lib/selinux/targeted/active/modules/400/permissive_sshd_t
-rw-rw-rw-. /var/lib/selinux/targeted/active/modules/400/permissive_sshd_t/cil
-rw-rw-rw-. /var/lib/selinux/targeted/active/modules/400/permissive_sshd_t/lang_ext
drwx------. /var/lib/selinux/targeted/active/modules/disabled
-rw-rw-rw-. /var/lib/selinux/targeted/active/modules/disabled/zosremote

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2017-12-01 08:56:10 -05:00
..
example Author: Daniel J Walsh 2008-09-15 09:25:33 -04:00
include libsemanage: Add support for listing fcontext.homedirs file 2017-10-04 14:18:58 -04:00
man libsemanage: Add option to remove HLL files after compilation 2015-02-27 08:41:59 -05:00
src libsemanage: Use umask(0077) for fopen() write operations 2017-12-01 08:56:10 -05:00
tests libsemanage/tests: fix linking 2017-06-21 10:31:36 -04:00
utils Fix recently introduced TabError's 2017-05-26 10:19:10 -04:00
.gitignore Add subdirectory .gitignore files. 2009-10-20 21:25:55 -04:00
COPYING initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile libsemanage: semanage store migration script 2014-08-26 08:03:31 -04:00
VERSION Update VERSION files for 2.7 release. 2017-08-04 09:31:00 -04:00