SELinux could be also modified to take advantage of client ID tracking but we don't introduce that dependency here. People interested in SELinux are free to add that dependency later.
Signed-off-by: Rami Ylimäki <[email protected]> --- Xext/xselinux_hooks.c | 22 +++++----------------- 1 files changed, 5 insertions(+), 17 deletions(-) diff --git a/Xext/xselinux_hooks.c b/Xext/xselinux_hooks.c index 560e1e9..73a1179 100644 --- a/Xext/xselinux_hooks.c +++ b/Xext/xselinux_hooks.c @@ -129,26 +129,14 @@ SELinuxLabelClient(ClientPtr client) /* For local clients, try and determine the executable name */ if (XaceIsLocal(client)) { - struct ucred creds; - socklen_t len = sizeof(creds); - char path[PATH_MAX + 1]; - size_t bytes; + pid_t pid = GetPidFromClient(client); + const char *cmd = GetCommandFromPid(pid); - memset(&creds, 0, sizeof(creds)); - if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &creds, &len) < 0) + if (!cmd) goto finish; - snprintf(path, PATH_MAX + 1, "/proc/%d/cmdline", creds.pid); - fd = open(path, O_RDONLY); - if (fd < 0) - goto finish; - - bytes = read(fd, path, PATH_MAX + 1); - close(fd); - if (bytes <= 0) - goto finish; - - strncpy(subj->command, path, COMMAND_LEN - 1); + strncpy(subj->command, cmd, COMMAND_LEN - 1); + free((void *) cmd); } finish: -- 1.6.3.3 _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
