On Mon, Mar 05, 2018 at 09:03:10AM -0500, Stephen Smalley wrote:
> On 03/02/2018 01:49 PM, Chris PeBenito wrote:
> > I've been able to make SETools dynamically link to libsepol. However,
> > one challenge is with policycap names. They're static libsepol, with
> > nothing that exports them. Can w
On Wed, Mar 07, 2018 at 04:19:33PM +0800, Jason Zaman wrote:
> On Mon, Mar 05, 2018 at 09:03:10AM -0500, Stephen Smalley wrote:
> > On 03/02/2018 01:49 PM, Chris PeBenito wrote:
> > > I've been able to make SETools dynamically link to libsepol. However,
> > > one challenge is with policycap names.
---
python/sepolgen/src/sepolgen/policygen.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/sepolgen/src/sepolgen/policygen.py
b/python/sepolgen/src/sepolgen/policygen.py
index 34c84010..ee664fb7 100644
--- a/python/sepolgen/src/sepolgen/policygen.py
+++ b/python/sepo
Signed-off-by: Jan Zarsky
---
python/sepolgen/src/sepolgen/policygen.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/sepolgen/src/sepolgen/policygen.py
b/python/sepolgen/src/sepolgen/policygen.py
index 34c84010..ee664fb7 100644
--- a/python/sepolgen/src/sepolgen/pol
On Tue, 06 Mar 2018 17:27:44 -0500
Paul Moore wrote:
> From: Paul Moore
>
> Starting with v4.16-rc1 we've been seeing a higher than usual number
> of requests for the kernel to load networking modules, even on events
> which shouldn't trigger a module load (e.g. ioctl(TCGETS)). Stephen
> Small
On Tue, Mar 6, 2018 at 6:59 PM, Stephen Hemminger
wrote:
> On Tue, 06 Mar 2018 17:27:44 -0500
> Paul Moore wrote:
>> From: Paul Moore
>>
>> Starting with v4.16-rc1 we've been seeing a higher than usual number
>> of requests for the kernel to load networking modules, even on events
>> which shoul
On 03/05/2018 05:58 PM, Nicolas Iooss wrote:
cil_tree_print_expr() calls cil_expr_to_string() in order to compute a
string expression into expr_str. If this function fails, expr_str is
left unitialized but its value is dereferenced with:
cil_log(CIL_INFO, "%s)", expr_str);
Prevent such an
On 03/05/2018 05:58 PM, Nicolas Iooss wrote:
In sepol_ibendport_key_create(), if sepol_ibendport_alloc_ibdev_name()
fails to allocate tmp_key->ibdev_name, sepol_ibendport_key_free() is
called to free the memory associated with tmp_key, which results in
free() being called on uninitialized tmp_key
On 03/06/2018 06:58 AM, Vit Mojzis wrote:
> access() uses real UID instead of effective UID which causes false
> negative checks in setuid programs.
> Replace access(,F_OK) (i.e. tests for file existence) by stat().
> And access(,R_OK) by fopen(,"r")
>
> Fixes: https://bugzilla.redhat.com/show_bug
Nicolas Iooss reports:
In sepol_ibendport_key_create(), if sepol_ibendport_alloc_ibdev_name()
fails to allocate tmp_key->ibdev_name, sepol_ibendport_key_free() is
called to free the memory associated with tmp_key, which results in
free() being called on uninitialized tmp_key->ibdev_name.
This issu
From: Paul Moore
Date: Tue, 6 Mar 2018 17:32:47 -0500
> On Tue, Mar 6, 2018 at 5:27 PM, Paul Moore wrote:
>> From: Paul Moore
>>
>> Starting with v4.16-rc1 we've been seeing a higher than usual number
>> of requests for the kernel to load networking modules, even on events
>> which shouldn't tr
11 matches
Mail list logo