On Mon, Jun 22, 2015 at 4:40 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > There was a bug in the unix and inet socket tests: > the server program would exit as soon as it finished > responding to the legitimate client, so the unauthorized > client tests were "succeeding" due to the server socket > not even existing rather than a permission denial. Fix > the server to stay around until it is explicitly killed by > the test scripts. This fix then revealed a problem with the > last inet_socket test: although the permission denial correctly > prevents the server from receiving the datagram message, the > client gets no notification of this failure and hangs on its > subsequent attempt to read a reply from the server. Remove > that last test until we come up with a suitable way of testing. How about a AF_UNIX side channel to communicate success/failure between the client and server? -- paul moore www.paul-moore.com _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
