[selinux] loginutils/login.c::initselinux() should use the selinux seuser

Fri Jan 10 01:42:49 UTC 2020

Hi,

We are working on enabling SELinux for BusyBox.

We found a potential issue below, with suggested patch:

loginutils/login.c::initselinux() should use the selinux seuser for default context, not the Linux username.

Patch getseuserbyname() before the get_default_context().

Reference: getseuserbyname on https://selinuxproject.org/page/LibselinuxAPISummary

Example code: https://github.com/SELinuxProject/selinux/blob/master/libselinux/utils/getseuser.c

-Chang

--
本信件可能包含工研院機密資訊，非指定之收件者，請勿使用或揭露本信件內容，並請銷毀此信件。 This email may contain confidential information. Please do not use or disclose it in any way and delete it if you are not the intended recipient.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/busybox/attachments/20200110/6dd65974/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: use_getseuserbyname.patch
Type: text/x-patch
Size: 1042 bytes
Desc: use_getseuserbyname.patch
URL: <http://lists.busybox.net/pipermail/busybox/attachments/20200110/6dd65974/attachment.bin>