--- nsapolicycoreutils/newrole/newrole.c	2007-01-04 17:01:41.000000000 -0500
+++ policycoreutils-1.33.10/newrole/newrole.c	2007-01-09 10:09:19.000000000 -0500
@@ -741,6 +741,7 @@
 	char *level_s = NULL;	/* level spec'd by user in argv[] */
 	char *range_ptr = NULL;
 	security_context_t new_con = NULL;
+	security_context_t tty_con = NULL;
 	context_t context = NULL; /* manipulatable form of new_context */
 	const struct option long_options[] = {
 		{"role", 1, 0, 'r'},
@@ -793,6 +794,15 @@
 					"specified\n"));
 				return -1;
 			}
+			if (fgetfilecon(0,&tty_con) >= 0) {
+				if (selinux_check_securetty_context(tty_con) != 1) {
+					fprintf(stderr, "Error: you are not allowed to change levels on a non secure terminal\n");
+					freecon(tty_con);
+					return -1;
+				}
+				freecon(tty_con);
+			}
+
 			level_s = optarg;
 			break;
 		default: