On Fri, Oct 01, 2010 at 05:14:45PM +0200, ext Rami Ylimäki wrote: > SELinux could be also modified to take advantage of client ID tracking > but we don't introduce that dependency here. People interested in > SELinux are free to add that dependency later. > > Signed-off-by: Rami Ylimäki <[email protected]>
Reviewed-by: Tiago Vignatti <[email protected]> > --- > Xext/xselinux_hooks.c | 22 +++++----------------- > 1 files changed, 5 insertions(+), 17 deletions(-) > > diff --git a/Xext/xselinux_hooks.c b/Xext/xselinux_hooks.c > index 560e1e9..73a1179 100644 > --- a/Xext/xselinux_hooks.c > +++ b/Xext/xselinux_hooks.c > @@ -129,26 +129,14 @@ SELinuxLabelClient(ClientPtr client) > > /* For local clients, try and determine the executable name */ > if (XaceIsLocal(client)) { > - struct ucred creds; > - socklen_t len = sizeof(creds); > - char path[PATH_MAX + 1]; > - size_t bytes; > + pid_t pid = GetPidFromClient(client); > + const char *cmd = GetCommandFromPid(pid); > > - memset(&creds, 0, sizeof(creds)); > - if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &creds, &len) < 0) > + if (!cmd) > goto finish; > > - snprintf(path, PATH_MAX + 1, "/proc/%d/cmdline", creds.pid); > - fd = open(path, O_RDONLY); > - if (fd < 0) > - goto finish; > - > - bytes = read(fd, path, PATH_MAX + 1); > - close(fd); > - if (bytes <= 0) > - goto finish; > - > - strncpy(subj->command, path, COMMAND_LEN - 1); > + strncpy(subj->command, cmd, COMMAND_LEN - 1); > + free((void *) cmd); > } > > finish: > -- > 1.6.3.3 > Tiago _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
