<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Courier 10 Pitch">Subscribers,<br>
<br>
I'm a newbie. I hope that my question is appropriate for this
forum.<br>
<br>
I'm using "libselinux-2.094-5.2.el6.i686" from CentOS 6.2 on a
system. In particular, I'm using a call to
"avc_has_perm_noaudit()". When SELinux is in Enforcing mode, all
is well and calls to the function return the correct value of zero
or -1. However, as the program runs, when I externally (i.e.,
outside of the program's code, using "setenforce") switch from
Enforcing to Permissive, the next call to </font><font
face="Courier 10 Pitch"><font face="Courier 10 Pitch">"avc_has_perm_noaudit()"
crashes the program. I would expect the function to always
return a zero in Permissive mode and not crash. <br>
<br>
I've also seen that the call crashes my program if the system is
in Enforcing, I switch it to Permissive (but avoid calling </font></font><font
face="Courier 10 Pitch"><font face="Courier 10 Pitch"><font
face="Courier 10 Pitch">"avc_has_perm_noaudit()" by use of
"security_getenforce()") and then switch back to Enforcing and
call the function.<br>
<br>
</font>Is it appropriate to call </font></font><font
face="Courier 10 Pitch"><font face="Courier 10 Pitch"><font
face="Courier 10 Pitch">"avc_has_perm_noaudit()" after
externally switching enforcing modes? Is this crashing a
known issue? Is it fixed in a later release? (I've haven't
tried any of the updated releases listed at
<a class="moz-txt-link-rfc2396E" href="http://userspace.selinuxproject.org/trac/wiki/Releases"><http://userspace.selinuxproject.org/trac/wiki/Releases></a>.)<br>
<br>
</font></font>Thanks in advance for any help,<br>
-- Steve Ross<br>
</font>
</body>
</html>