RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2024-12-27 00:12:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
f2b5aae4aa
selinux/libsepol
History
James Carter f2b5aae4aa libsepol: Fix neverallow bug when checking conditional policy 
Commit 9e6840e refactored neverallow checking. In the process a bug
was introduced that causes enabled conditional rules to be skipped.
The bug is that the avtab key is checked by comparing the specified
field of the key to the value AVTAB_ALLOWED. Since enabled conditional
rules have an additional bit set as well, these rules are not
considered to match.

The fix is to use a bitwise AND (&) to only check the desired bit.

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2017-06-14 11:05:11 -04:00
..
cil libsepol/cil: ibendportcon fails to resolve in CIL policy 2017-06-12 11:13:25 -04:00
include semanage: Update semanage to allow runtime labeling of ibendports 2017-05-23 16:20:55 -04:00
man libsepol: constify sepol_genbools()'s boolpath parameter 2017-03-29 10:26:44 -04:00
src libsepol: Fix neverallow bug when checking conditional policy 2017-06-14 11:05:11 -04:00
tests sort input files 2017-06-01 14:00:30 -04:00
utils sort input files 2017-06-01 14:00:30 -04:00
.gitignore libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
COPYING initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
VERSION Update VERSION files for 2.7-rc1 release. 2017-06-09 10:36:06 -04:00