-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/21/2013 11:53 AM, Steve Ross wrote: > Subscribers, > > I'm a newbie. I hope that my question is appropriate for this forum. > > I'm using "libselinux-2.094-5.2.el6.i686" from CentOS 6.2 on a system. In > particular, I'm using a call to "avc_has_perm_noaudit()". When SELinux is > in Enforcing mode, all is well and calls to the function return the correct > value of zero or -1. However, as the program runs, when I externally > (i.e., outside of the program's code, using "setenforce") switch from > Enforcing to Permissive, the next call to "avc_has_perm_noaudit()" crashes > the program. I would expect the function to always return a zero in > Permissive mode and not crash. > > I've also seen that the call crashes my program if the system is in > Enforcing, I switch it to Permissive (but avoid calling > "avc_has_perm_noaudit()" by use of "security_getenforce()") and then switch > back to Enforcing and call the function. > > Is it appropriate to call "avc_has_perm_noaudit()" after externally > switching enforcing modes? Is this crashing a known issue? Is it fixed in > a later release? (I've haven't tried any of the updated releases listed > at <http://userspace.selinuxproject.org/trac/wiki/Releases>.) > > Thanks in advance for any help, -- Steve Ross > > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > Sounds like a bug, can you write a reproducer and the send in the code, or open a bugzilla/service request. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGbnhQACgkQrlYvE4MpobPfzwCgw9f4mxQWHvbS4Zi0Km/i1jki JkIAmwQ6KbKxNM8iAU3dg2/arF3CIkjD =Nx1y -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
