List: selinux
Subject: Re: Permissive mode for xace is broken.
From: Eamon Walsh <ewalsh () tycho ! nsa ! gov>
Date: 2008-02-27 3:46:48
Message-ID: 47C4DD28.90805 () tycho ! nsa ! gov
Joe Nall wrote:
> On Feb 26, 2008, at 8:31 PM, Eamon Walsh wrote:
>
>> I found the source of the BadWindow errors. I'm going to fix this
>> upstream and throw an SRPM patch to Dan so he can test.
>>
>> Also, I think I'm going to change XQueryPointer() from requiring
>> "read" to simply "getattr" permission on the device. I really do
>> think it should require "read," but too many things call it and we
>> need to turn "read" off to prevent the xspy attack.
>>
>> Finally, I'm going to try and get the polyinstantiation code for
>> properties and selections in before the feature freeze.
>>
>
> Awesome. Can I get a copy of the patch too?
>
> joe
>
Attached and selinux list cc'ed.
One more thing: the SELinux extension is part of extmod, so you can do
this in your xorg.conf if you want to disable it:
Section "Module"
    SubSection "extmod"
        Option "omit SELinux"
    EndSubSection
EndSection
At the present time there is no enforcing/permissive switch for just the
xserver.
--
Eamon Walsh <ewalsh@tycho.nsa.gov>
National Security Agency
["badwindow_fix.patch" (text/x-patch)]
From 4632ea22580c31d44b0786321668d9e78f02900e Tue Feb 26 22:00:52 2008
From: Eamon Walsh <ewalsh@tycho.nsa.gov>
Date: Tue Feb 26 22:00:52 2008 -0500
Subject: Temporary BadWindow error fix.
---
diff --git a/Xext/xselinux.c b/Xext/xselinux.c
index 5aa2ad3..60ec8d4 100644
--- a/Xext/xselinux.c
+++ b/Xext/xselinux.c
@@ -951,42 +951,11 @@ static void
SELinuxSelectionState(CallbackListPtr *pcbl, pointer unused, pointer calldata)
{
SelectionInfoRec *rec = calldata;
- SELinuxSubjectRec *subj;
- SELinuxObjectRec *obj;
switch (rec->kind) {
case SelectionSetOwner:
- /* save off the "real" owner of the selection */
- rec->selection->alt_client = rec->selection->client;
- rec->selection->alt_window = rec->selection->window;
-
- /* figure out the new label for the content */
- subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey);
- obj = dixLookupPrivate(&rec->selection->devPrivates, objectKey);
- sidput(obj->sid);
-
- if (avc_compute_create(subj->sid, subj->sid, SECCLASS_X_SELECTION,
- &obj->sid) < 0) {
- ErrorF("SELinux: a compute_create call failed!\n");
- obj->sid = unlabeled_sid;
- }
- break;
-
case SelectionGetOwner:
- /* restore the real owner */
- rec->selection->window = rec->selection->alt_window;
- break;
-
case SelectionConvertSelection:
- /* redirect the convert request if necessary */
- if (securityManager && securityManager != rec->client) {
- rec->selection->client = securityManager;
- rec->selection->window = securityWindow;
- } else {
- rec->selection->client = rec->selection->alt_client;
- rec->selection->window = rec->selection->alt_window;
- }
- break;
default:
break;
}
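Review bot: the hunk strips the selection relabeling on SelectionSetOwner (the avc_compute_create call that derives the selection's new SID from the owner's subject SID, with the unlabeled_sid fallback), the alt_client/alt_window bookkeeping, and the securityManager redirect on SelectionConvertSelection, yet leaves the three case labels as empty bodies that fall through to default. Since the subject line calls this a temporary fix, add a comment above the switch (or a FIXME on the now-empty cases) saying that labeling and redirection are disabled pending the upstream fix, so that a selection keeping the SID it received at creation, and convert requests reaching the real owner directly, are recorded as a known regression rather than intended behaviour; otherwise drop the empty case labels until the code comes back, since `case SelectionSetOwner:` / `case SelectionGetOwner:` / `case SelectionConvertSelection:` now do nothing. Removing the unused subj and obj declarations alongside is correct.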
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.