On 01/30/2014 12:27 PM, Richard Yao wrote: > On 01/30/2014 12:07 PM, Matthew Thode wrote: >> On 01/30/2014 10:41 AM, Stephen Smalley wrote: >>> On 01/30/2014 10:51 AM, Matthew Thode wrote: >>>> On 01/30/2014 09:45 AM, Stephen Smalley wrote: >>>>> We'll have to investigate, as that obviously shouldn't be possible. >>>>> Wouldn't be allowed in enforcing mode or for any non-root process. > > This is an untested conjecture, but I believe that a FUSE filesystem > could be used to trigger this in enforcing mode. If I am right, a custom > FUSE filesystem could trigger it with ease. However, I do not see what > that would accomplish beyond triggering the BUG_ON. SELinux does not presently request or use xattrs from FUSE filesystems, so I don't believe this is presently an issue, but I understand. > >>> Try the attached patch. >>> >>> >> Confirmed that this fixes it :D thanks a ton for this. > > This patch looks good to me. Feel free to append my Acked-by: > > Acked-by: Richard Yao <ryao@xxxxxxxxxx> > _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
