Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

Stephen Smalley wrote: On 10/20/2015 09:42 AM, Joshua Brindle wrote: Stephen Smalley wrote: Wondering if dependency on openssl might be a license issue for Debian or others. Apparently openssl license is considered GPL-incompatible [1] [2], and obviously libselinux is linked by a variety

Re: did libselinux grow a new build dependency? (openssl-devel: openssl.h)

Stephen Smalley wrote: Wondering if dependency on openssl might be a license issue for Debian or others. Apparently openssl license is considered GPL-incompatible [1] [2], and obviously libselinux is linked by a variety of GPL-licensed programs. Fedora seems to view this as falling under the

Re: [PATCH] libselinux: Verify context input to funtions to make sure the context field is not null.

Steve Lawrence wrote: I believe this patch, or something similar, was sent to the list in the past and was rejected. Passing in a NULL context is considered invalid use, similar to strdup/strcmp/etc. and is a bug in the calling process. It isn't unreasonable for an API to indicate invalid

Re: [PATCH] update deps and change yum to dnf

Dominick Grift wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Mon, Jan 04, 2016 at 05:30:31PM +0100, Dominick Grift wrote: On Mon, Jan 04, 2016 at 09:23:54AM -0500, Joshua Brindle wrote: --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b

Re: XWindows and CLIP?

John Chludzinski wrote: What are the issues with XWindows and CLIP? Why is CLIP XWindow-less? CLIP strives to be a minimal system suited to secure solutions and does not come with software not necessary for such systems (e.g., cross domain solutions). Is there something inherently

[PATCH 2/2] Correctly detect unknown classes in sepol_string_to_security_class

Bail before running off the end of the class index Change-Id: I47c4eaac3c7d789f8d85047e34e37e3f0bb38b3a Signed-off-by: Joshua Brindle <brin...@quarksecurity.com> --- libsepol/src/services.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libsepol/src/services.c b/li

[PATCH 1/2] Modify audit2why analyze function to use loaded policy

Class and perms should come from the policy being used for analysis, not the system policy so use sepol_ interfaces Change-Id: Ia0590ed2514249fd98810a8d4fe87f8bf5280561 Signed-off-by: Joshua Brindle <brin...@quarksecurity.com> --- libselinux/src/audit2why.c | 8 1 file chan

[PATCH] Correctly detect unknown classes in sepol_string_to_security_class

Bail before running off the end of the class index Change-Id: I47c4eaac3c7d789f8d85047e34e37e3f0bb38b3a Signed-off-by: Joshua Brindle <brin...@quarksecurity.com> --- libsepol/src/services.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libsepol/src/services.c b/li

[PATCH] Modify audit2why analyze function to use loaded policy

Class and perms should come from the policy being used for analysis, not the system policy so use sepol_ interfaces Change-Id: Ia0590ed2514249fd98810a8d4fe87f8bf5280561 --- libselinux/src/audit2why.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git

Re: [PATCH] Correctly detect unknown classes in sepol_string_to_security_class

Joshua Brindle wrote: Bail before running off the end of the class index This one correctly goes all the way to the end of the classes index, the last version did not. Change-Id: I47c4eaac3c7d789f8d85047e34e37e3f0bb38b3a Signed-off-by: Joshua Brindle<brin...@quarksecurity.

Re: [PATCH] Modify audit2why analyze function to use loaded policy

Joshua Brindle wrote: Class and perms should come from the policy being used for analysis, not the system policy so use sepol_ interfaces Hrm, this solved my original problem which was that I was getting the wrong answer back from audit2why (classes in my policy that weren't in the system

Re: [PATCH] Correctly detect unknown classes in sepol_string_to_security_class

Stephen Smalley wrote: On 06/03/2016 11:17 AM, Joshua Brindle wrote: Bail before running off the end of the class index Change-Id: I47c4eaac3c7d789f8d85047e34e37e3f0bb38b3a Signed-off-by: Joshua Brindle<brin...@quarksecurity.com> Applied this one and then rewrote it to use hashtab_

Re: [PATCH] selinux: Build policy on systems not supporting DCCP protocol

Richard Haines wrote: Commit 3895fbbe0cf2ec52d6b6eda66084b6e9f8d88fb2 ("selinux: Add support for portcon dccp protocol") added support for the (portcon dccp ..) statement. This fix will allow policy to be built on platforms (see [1]) that do not have DCCP support by defining the IANA assigned IP

Re: Libsepol Mac Build Errors

William Roberts wrote: On Fri, Sep 23, 2016 at 6:10 PM, Joshua Brindle <brin...@quarksecurity.com> wrote: william.c.robe...@intel.com wrote: The patches below fix some warnings reported by Josh Brindle on the libsepol build. Josh can you test these and see if those three warning g

Re: Libsepol Mac Build Errors

william.c.robe...@intel.com wrote: The patches below fix some warnings reported by Josh Brindle on the libsepol build. Josh can you test these and see if those three warning go away and give an ack if they are ok? [PATCH 1/3] libsepol: fix unused variable 'size' on mac build [PATCH 2/3]

Re: Killing The Android libselinux Fork (available)

William Roberts wrote: On Sep 22, 2016 9:18 PM, "Jeffrey Vander Stoep" wrote: Remember to test on the Mac build. About a year ago I moved the host side tools over to upstream libselinux, but had to revert because it broke the Mac build in multiple places. Since then Richard

Re: [RFC] Build ANDROID_HOST=y on mac

William Roberts wrote: On Sep 28, 2016 17:07, "Joshua Brindle"<brin...@quarksecurity.com> wrote: William Roberts wrote: On Sep 28, 2016 16:54, "Joshua Brindle"<brin...@quarksecurity.com> wrote: Joshua Brindle wrote: William Roberts wrote: From com

Re: [RFC] Build ANDROID_HOST=y on mac

William Roberts wrote: On Sep 28, 2016 16:54, "Joshua Brindle"<brin...@quarksecurity.com> wrote: Joshua Brindle wrote: William Roberts wrote: From commit 35d702 on https://github.com/williamcroberts/selinux/tree/fix-mac I have a branch that is building on my elcapitan mac

Re: MLS directory label inheritance rules

Dennis Sherrell wrote: In a thread ending with Nick Kravelich's contact infirmation, it was written: " If you write top secret data it should stay top secret even if you're writing to a folder that is normally reserved for secret data, or perhaps mixed data. Iirc it uses the MLS of the process

Re: Announcing SPAN: SELinux Policy Analysis Notebook

Karl MacMillan wrote: 5. any references to type attributes should be customizable: ie. process_types = ... filesystem_types = ... etc I do not consider Linux access vectors to be customizable, unlike types ,attributes, booleans, tunables etc) I know what you mean, but I have to point

Re: Announcing SPAN: SELinux Policy Analysis Notebook

Dominick Grift wrote: The idea is nice, unfortunately its inflexible and it has hard-references to reference policy all-over. It has potential but it is still rough. Of course, it is an analysis of a refpolicy-based policy. If you want to analyze a different policy (e.g., Android or

Re: Announcing SPAN: SELinux Policy Analysis Notebook

Dominick Grift wrote: On Sun, May 07, 2017 at 11:22:00AM -0400, Joshua Brindle wrote:the Dominick Grift wrote: The idea is nice, unfortunately its inflexible and it has hard-references to reference policy all-over. It has potential but it is still rough. Of course, it is an analysis

Re: [RFC][PATCH] selinux: add a map permission check for mmap

Stephen Smalley wrote: Add a map permission check on mmap so that we can distinguish memory mapped access (since it has different implications for revocation). When a file is opened and then read or written via syscalls like read(2)/write(2), we revalidate access on each read/write operation via

Re: A casestudy where selinux has stopped malware attacks

masoom alam wrote: Hi every one, Do we have some thing like the mentioned subject documented? Thank you. Probably one of the better catalogued set of malware stopped by SELinux, which shows various ways SELinux mitigated the attacks, is The Case For SEAndroid from Stephen Smalley:

Re: MLS dominance check behavior on el7

On Tue, Sep 11, 2018 at 10:41 AM, Stephen Smalley wrote: > On 09/10/2018 06:30 PM, Ted Toth wrote: >> >> mcstrans mcscolor.c also uses the same logic I'd been using to check >> dominance so this too will no longer function as expected on el7. Do you any >> suggestions for doing a 'generic' (one

Re: MLS dominance check behavior on el7

On Tue, Sep 11, 2018 at 1:33 PM, Stephen Smalley wrote: > On 09/11/2018 12:53 PM, Joshua Brindle wrote: >> >> On Tue, Sep 11, 2018 at 10:41 AM, Stephen Smalley >> wrote: >>> >>> On 09/10/2018 06:30 PM, Ted Toth wrote: >>>> >>>> &