[redhat-lspp] security context in audit records (audit.39 kernel)

Stephen Smalley sds at tycho.nsa.gov
Fri May 20 12:54:20 UTC 2005


On Fri, 2005-05-20 at 08:49 -0400, Stephen Smalley wrote:
> Any reason you can't use your selinux_getsecurity() helper for
> selinux_getprocattr() now that you are having it also return len for a
> NULL value?  However, a note of caution:  while proc_pid_attr_read will
> never pass a NULL value (and thus you can use that as your check for
> returning the actual length), it could possibly pass a 0 size if
> userspace passed a 0 size to the read(2) call, in which case it would
> _not_ expect getprocattr to be returning a non-zero length.  So you
> might need getprocattr to still reject a zero size with -ERANGE
> (restoring the original check).  This would still allow you to use
> selinux_getsecurity(), as long as you check for the 0 size first so it
> never reaches it in that case.

Actually, that is unpleasant because then you can't pass a 0 size along
with your NULL value for your call.  Ok, what if we instead disallow a 0
size with a non-NULL buffer, but allow a 0 size with a NULL buffer?
That will let your code call with a NULL buffer and 0 size to obtain the
length, while ensuring that proc_pid_attr_read never gets confused since
it always passes a non-NULL page.

-- 
Stephen Smalley
National Security Agency
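
The buffer/size contract proposed in the message above, modelled in userspace C as an added example (not part of the original message and not SELinux kernel code). `model_getsecurity()`, `probe_then_fetch()` and the sample context string are hypothetical, and treating a NULL buffer as a length probe regardless of size is an assumption.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample context string, not taken from the thread. */
static const char sample_ctx[] = "user_u:system_r:unconfined_t";

/*
 * Hypothetical model of the getter. Returns the context length
 * (including the terminating NUL) on success, or -ERANGE.
 *   buf == NULL             -> length probe, nothing is copied
 *                              (assumption: size is ignored here)
 *   buf != NULL, size == 0  -> -ERANGE, so a read(2) of 0 bytes coming
 *                              through a non-NULL page never sees a
 *                              non-zero length
 *   buf != NULL, size < len -> -ERANGE
 */
static int model_getsecurity(const char *ctx, void *buf, size_t size)
{
    size_t len = strlen(ctx) + 1;

    if (buf == NULL)
        return (int)len;
    if (size == 0 || size < len)
        return -ERANGE;
    memcpy(buf, ctx, len);
    return (int)len;
}

/* Caller pattern: probe with (NULL, 0), then fetch into a sized buffer. */
static int probe_then_fetch(char *out, size_t out_size)
{
    int len = model_getsecurity(sample_ctx, NULL, 0);

    if (len < 0 || (size_t)len > out_size)
        return -ERANGE;
    return model_getsecurity(sample_ctx, out, (size_t)len);
}

int main(void)
{
    char page[64];

    printf("probe (NULL, 0):  %d\n", model_getsecurity(sample_ctx, NULL, 0));
    printf("non-NULL, size 0: %d\n", model_getsecurity(sample_ctx, page, 0));
    printf("probe then fetch: %d (%s)\n", probe_then_fetch(page, sizeof(page)), page);
    return 0;
}
```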



