From: Stephen Smalley <sds@tycho.nsa.gov>
To: Guido Trentalancia <guido@trentalancia.com>
Cc: Eric Paris <eparis@redhat.com>,
Eric Paris <eparis@parisplace.org>,
SELinux Mail List <selinux@tycho.nsa.gov>
Subject: Re: [PATCH] Fix includes for userspace tools and libraries (and possible security issue)
Date: Tue, 13 Sep 2011 15:17:15 -0400 [thread overview]
Message-ID: <1315941435.12522.72.camel@moss-pluto> (raw)
In-Reply-To: <1315939603.2218.19.camel@vortex>

On Tue, 2011-09-13 at 20:46 +0200, Guido Trentalancia wrote:
> To be more precise...
> > And to that add that the actual LDFLAGS possibly introduces an unwanted
> > and potentially dangerous libsepol.a cache !
>
> Please read LDLIBS instead of LDFLAGS.
>
> At the least the following objects could be affected: checkpolicy,
> semodule_deps, mcstransd and the audit2why.so python module. A security
> notice might need to be issued if confirmed.
>
> > In fact, somewhere the LDFLAGS currently adds $(LIBDIR)/libsepol.a
> > instead of the local copy of static library libsepol.a. This should be
> > further investigated as it might need to be treated as a security flaw
> > (binaries available from different vendors might be affected if linked
> > against the existing old libsepol.a static library).

If you build with make DESTDIR=~/out > out and then grep libsepol.a out,
you'll see that it picks up the locally built one:
$ grep libsepol.a out
ar rcs libsepol.a hierarchy.o genusers.o roles.o context_record.o port_record.o boolean_record.o interfaces.o assertion.o avtab.o polcaps.o link.o ports.o genbools.o handle.o module.o write.o users.o policydb.o symtab.o policydb_public.o mls.o ebitmap.o user_record.o hashtab.o debug.o util.o conditional.o policydb_convert.o services.o nodes.o sidtab.o iface_record.o context.o expand.o booleans.o constraint.o avrule_block.o node_record.o
ranlib libsepol.a
install -m 644 libsepol.a /home/sds/out/usr/lib
cc checkpolicy.o y.tab.o lex.yy.o queue.o module_compiler.o parse_util.o policy_define.o /home/sds/out/usr/lib/libsepol.a -lfl -o checkpolicy
cc checkmodule.o y.tab.o lex.yy.o queue.o module_compiler.o parse_util.o policy_define.o /home/sds/out/usr/lib/libsepol.a -lfl -o checkmodule
cc dispol.o -lfl -lsepol -lselinux /home/sds/out/usr/lib/libsepol.a -L/home/sds/out/usr/lib -o dispol
cc dismod.o -lfl -lsepol -lselinux /home/sds/out/usr/lib/libsepol.a -L/home/sds/out/usr/lib -o dismod
cc semodule_deps.o /home/sds/out/usr/lib/libsepol.a -o semodule_deps

At least with that 16 month old checkout where make DESTDIR=~/out still
works.

In any event, the distributions don't build this way; they build
libsepol as a separate package and install it first before building the
packages that depend on it.

No CVEs filed for libsepol, and it isn't supposed to be a trust
boundary.

Nonetheless, I agree that reducing the number of users of the static
libsepol would be a good thing. Only checkpolicy (and setools) has a
legitimate claim to needing it. The rest ought to be reworked to use
new interfaces provided by the shared lib with proper encapsulation of
the data structures and implementation details.

--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
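The check Stephen describes above (build with DESTDIR, capture the output, grep for libsepol.a) can be automated so that each link line is classified by which copy of libsepol it pulled in. The script below is an added example for this page; it is not code from the thread or from the SELinux userspace tree. It assumes link lines start with cc, gcc or clang and name their output with -o, and that DESTDIR is an absolute path. The sample log lines are constructed for the example and modelled on the grep output quoted in the message; the mcstransd and audit2why lines in the sample are hypothetical and are not from the thread. Note that it also flags the case visible in the dispol and dismod lines above, where both -lsepol and libsepol.a appear on the same link line.

```shell
#!/bin/sh
# Added example, not code from this thread or from the SELinux userspace tree.
# Automates the check in the message above: capture the build with
#   make DESTDIR=~/out > out
# and classify every link line in "out" by which copy of libsepol it used.
# Assumptions: link lines start with cc/gcc/clang and use -o; DESTDIR is an
# absolute path. Sample log lines at the bottom are constructed, not real.

set -f   # no pathname expansion while we word-split log lines below

# link_target LINE -> prints the word following -o, or fails if there is none
link_target() {
    lt_prev=
    for lt_tok in $1; do
        if [ "$lt_prev" = "-o" ]; then
            printf '%s\n' "$lt_tok"
            return 0
        fi
        lt_prev=$lt_tok
    done
    return 1
}

# classify_link_line DESTDIR LINE -> prints one of:
#   none           no libsepol on the line
#   shared         only -lsepol (the installed shared library)
#   local-static   libsepol.a from under DESTDIR, or a relative in-tree path
#   foreign-static libsepol.a from elsewhere, e.g. a stale /usr/lib copy
#   mixed          libsepol.a and -lsepol on the same line: two copies of
#                  one library, as in the dispol/dismod lines in the message
classify_link_line() {
    cl_destdir=${1%/}
    cl_static=
    cl_shared=0
    for cl_tok in $2; do
        case "$cl_tok" in
            *libsepol.a) cl_static=$cl_tok ;;
            -lsepol)     cl_shared=1 ;;
        esac
    done
    if [ -n "$cl_static" ] && [ "$cl_shared" -eq 1 ]; then
        echo mixed
    elif [ -n "$cl_static" ]; then
        case "$cl_static" in
            "$cl_destdir"/*) echo local-static ;;
            /*)              echo foreign-static ;;
            *)               echo local-static ;;   # relative: built in-tree
        esac
    elif [ "$cl_shared" -eq 1 ]; then
        echo shared
    else
        echo none
    fi
}

# check_build_log DESTDIR < LOG -> prints "target class" for every link line
check_build_log() {
    while IFS= read -r cb_line; do
        case "$cb_line" in
            cc\ *|gcc\ *|clang\ *) ;;
            *) continue ;;          # ar, ranlib, install, make chatter
        esac
        case "$cb_line" in
            *" -c "*) continue ;;   # compile step, not a link
        esac
        cb_target=$(link_target "$cb_line") || continue
        printf '%s %s\n' "$cb_target" "$(classify_link_line "$1" "$cb_line")"
    done
}

# Constructed sample log (modelled on the grep output in the message; the
# mcstransd and audit2why lines are hypothetical and not from the thread).
sample_log() {
    cat <<'EOF'
ar rcs libsepol.a hierarchy.o genusers.o roles.o
ranlib libsepol.a
install -m 644 libsepol.a /home/sds/out/usr/lib
cc checkpolicy.o y.tab.o /home/sds/out/usr/lib/libsepol.a -lfl -o checkpolicy
cc dispol.o -lfl -lsepol -lselinux /home/sds/out/usr/lib/libsepol.a -L/home/sds/out/usr/lib -o dispol
cc semodule_deps.o /home/sds/out/usr/lib/libsepol.a -o semodule_deps
cc mcstransd.o /usr/lib/libsepol.a -lcap -o mcstransd
cc -shared audit2why.o -lsepol -lselinux -o audit2why.so
cc -c -O2 foo.c -o foo.o
EOF
}

# Stand-alone run over the constructed sample; on a real tree replace
# sample_log with:  check_build_log "$HOME/out" < out
sample_log | check_build_log /home/sds/out
```

On the sample this prints checkpolicy and semodule_deps as local-static, dispol as mixed, mcstransd as foreign-static and audit2why.so as shared; a foreign-static or mixed result is the case Guido was worried about and is worth checking against the link flags in that directory's Makefile.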