AuroraMiddleware/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2024-12-22 19:00:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

* nscd/connections.c (handle_request): Check selinux permissions

Browse Source 
for all non-admin commands.
This commit is contained in:
Ulrich Drepper 2007-01-13 04:41:19 +00:00
parent 038a1a9fc3
commit 43397eaf04
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -1,5 +1,8 @@
2007-01-12 Ulrich Drepper <drepper@redhat.com>
* nscd/connections.c (handle_request): Check selinux permissions
for all non-admin commands.
* sysdeps/i386/i486/bits/atomic.h: Define
atomic_compare_and_exchange_val_acq,
atomic_compare_and_exchange_bool_acq, and atomic_exchange_and_add

7
nscd/connections.c
View File

@ -1,5 +1,5 @@
/* Inner loops of cache daemon.
Copyright (C) 1998-2003, 2004, 2005, 2006 Free Software Foundation, Inc.
Copyright (C) 1998-2003, 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
This file is part of the GNU C Library.
Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
@ -911,8 +911,9 @@ cannot handle old request version %d; current version is %d"),
need to verify that the request type is valid, since it has not
yet been checked at this point. */
if (selinux_enabled
&& __builtin_expect (req->type, GETPWBYNAME) >= GETPWBYNAME
&& __builtin_expect (req->type, LASTREQ) < LASTREQ
&& __builtin_expect (req->type >= GETPWBYNAME, 1)
&& __builtin_expect (req->type < LASTREQ, 1)
&& __builtin_expect (req->type < SHUTDOWN || req->type > INVALIDATE, 1)
&& nscd_request_avc_has_perm (fd, req->type) != 0)
return;