[PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
@ 2021-05-03 17:46 Christian Göttsche
  2021-05-07 10:05 ` Petr Lautrbach
  2021-05-10 10:12 ` [PATCH v2] " Christian Göttsche
  0 siblings, 2 replies; 4+ messages in thread
From: Christian Göttsche @ 2021-05-03 17:46 UTC (permalink / raw)
  To: selinux

`selinux_check_passwd_access_internal()`, and thereby
`checkPasswdAccess(3)` and `selinux_check_passwd_access(3)`, does not
respect the policy defined setting of `deny_unknown`, like
`selinux_check_access(3)` does.
This means in case the security class `passwd` is not defined, success
is returned instead of failure, i.e. permission denied.

Most policies should define the `passwd` class and the two affected
public functions are marked deprecated.

Align the behavior with `selinux_check_passwd_access(3)` and respect
the deny_unknown setting in case the security class is not defined.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 libselinux/src/checkAccess.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
index b337ea64..022cd6b5 100644
--- a/libselinux/src/checkAccess.c
+++ b/libselinux/src/checkAccess.c
@@ -78,7 +78,9 @@ static int selinux_check_passwd_access_internal(access_vector_t requested)
 		passwd_class = string_to_security_class("passwd");
 		if (passwd_class == 0) {
 			freecon(user_context);
-			return 0;
+			if (security_deny_unknown() == 0)
+				return 0;
+			return -1;
 		}

 		retval = security_compute_av_raw(user_context,
-- 
2.31.1

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
  2021-05-03 17:46 [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown Christian Göttsche
@ 2021-05-07 10:05 ` Petr Lautrbach
  2021-05-10 10:12 ` [PATCH v2] " Christian Göttsche
  1 sibling, 0 replies; 4+ messages in thread
From: Petr Lautrbach @ 2021-05-07 10:05 UTC (permalink / raw)
  To: Christian Göttsche, selinux

Christian Göttsche <cgzones@googlemail.com> writes:

> `selinux_check_passwd_access_internal()`, and thereby
> `checkPasswdAccess(3)` and `selinux_check_passwd_access(3)`, does not
> respect the policy defined setting of `deny_unknown`, like
> `selinux_check_access(3)` does.
> This means in case the security class `passwd` is not defined, success
> is returned instead of failure, i.e. permission denied.
>
> Most policies should define the `passwd` class and the two affected
> public functions are marked deprecated.
>
> Align the behavior with `selinux_check_passwd_access(3)` and respect

Should it be "Align the behavior with `selinux_check_access(3)`" ?

> the deny_unknown setting in case the security class is not defined.
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>


Acked-by: Petr Lautrbach <plautrba@redhat.com>


> ---
>  libselinux/src/checkAccess.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
> index b337ea64..022cd6b5 100644
> --- a/libselinux/src/checkAccess.c
> +++ b/libselinux/src/checkAccess.c
> @@ -78,7 +78,9 @@ static int selinux_check_passwd_access_internal(access_vector_t requested)
>  		passwd_class = string_to_security_class("passwd");
>  		if (passwd_class == 0) {
>  			freecon(user_context);
> -			return 0;
> +			if (security_deny_unknown() == 0)
> +				return 0;
> +			return -1;
>  		}
>  
>  		retval = security_compute_av_raw(user_context,
> -- 
> 2.31.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH v2] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
  2021-05-03 17:46 [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown Christian Göttsche
  2021-05-07 10:05 ` Petr Lautrbach
@ 2021-05-10 10:12 ` Christian Göttsche
  2021-05-12  8:09   ` Petr Lautrbach
  1 sibling, 1 reply; 4+ messages in thread
From: Christian Göttsche @ 2021-05-10 10:12 UTC (permalink / raw)
  To: selinux

`selinux_check_passwd_access_internal()`, and thereby
`checkPasswdAccess(3)` and `selinux_check_passwd_access(3)`, does not
respect the policy defined setting of `deny_unknown`, like
`selinux_check_access(3)` does.
This means in case the security class `passwd` is not defined, success
is returned instead of failure, i.e. permission denied.

Most policies should define the `passwd` class and the two affected
public functions are marked deprecated.

Align the behavior with `selinux_check_access(3)` and respect
the deny_unknown setting in case the security class is not defined.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
Fixed function name in commit message, spotted by Petr Lautrbach.

 libselinux/src/checkAccess.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
index b337ea64..022cd6b5 100644
--- a/libselinux/src/checkAccess.c
+++ b/libselinux/src/checkAccess.c
@@ -78,7 +78,9 @@ static int selinux_check_passwd_access_internal(access_vector_t requested)
 		passwd_class = string_to_security_class("passwd");
 		if (passwd_class == 0) {
 			freecon(user_context);
-			return 0;
+			if (security_deny_unknown() == 0)
+				return 0;
+			return -1;
 		}

 		retval = security_compute_av_raw(user_context,
-- 
2.31.1

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH v2] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
  2021-05-10 10:12 ` [PATCH v2] " Christian Göttsche
@ 2021-05-12  8:09   ` Petr Lautrbach
  0 siblings, 0 replies; 4+ messages in thread
From: Petr Lautrbach @ 2021-05-12  8:09 UTC (permalink / raw)
  To: Christian Göttsche, selinux

Christian Göttsche <cgzones@googlemail.com> writes:

> `selinux_check_passwd_access_internal()`, and thereby
> `checkPasswdAccess(3)` and `selinux_check_passwd_access(3)`, does not
> respect the policy defined setting of `deny_unknown`, like
> `selinux_check_access(3)` does.
> This means in case the security class `passwd` is not defined, success
> is returned instead of failure, i.e. permission denied.
>
> Most policies should define the `passwd` class and the two affected
> public functions are marked deprecated.
>
> Align the behavior with `selinux_check_access(3)` and respect
> the deny_unknown setting in case the security class is not defined.
>
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>

Merged, thanks!

> ---
> Fixed function name in commit message, spotted by Petr Lautrbach.
>
>  libselinux/src/checkAccess.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
> index b337ea64..022cd6b5 100644
> --- a/libselinux/src/checkAccess.c
> +++ b/libselinux/src/checkAccess.c
> @@ -78,7 +78,9 @@ static int selinux_check_passwd_access_internal(access_vector_t requested)
>  		passwd_class = string_to_security_class("passwd");
>  		if (passwd_class == 0) {
>  			freecon(user_context);
> -			return 0;
> +			if (security_deny_unknown() == 0)
> +				return 0;
> +			return -1;
>  		}
>  
>  		retval = security_compute_av_raw(user_context,
> -- 
> 2.31.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-05-12  8:10 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-05-03 17:46 [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown Christian Göttsche
2021-05-07 10:05 ` Petr Lautrbach
2021-05-10 10:12 ` [PATCH v2] " Christian Göttsche
2021-05-12  8:09   ` Petr Lautrbach

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.