avc_has_perm_noaudit crashes process after switching enforcing modes
Steve Ross
sross at trustedcs.com
Tue May 21 15:53:37 UTC 2013
Subscribers,
I'm a newbie. I hope that my question is appropriate for this forum.
I'm using "libselinux-2.094-5.2.el6.i686" from CentOS 6.2 on a system.
In particular, I'm using a call to "avc_has_perm_noaudit()". When
SELinux is in Enforcing mode, all is well and calls to the function
return the correct value of zero or -1. However, as the program runs,
when I externally (i.e., outside of the program's code, using
"setenforce") switch from Enforcing to Permissive, the next call to
"avc_has_perm_noaudit()" crashes the program. I would expect the
function to always return a zero in Permissive mode and not crash.
I've also seen that the call crashes my program if the system is in
Enforcing, I switch it to Permissive (but avoid calling
"avc_has_perm_noaudit()" by use of "security_getenforce()") and then
switch back to Enforcing and call the function.
Is it appropriate to call "avc_has_perm_noaudit()" after externally
switching enforcing modes? Is this crashing a known issue? Is it fixed
in a later release? (I've haven't tried any of the updated releases
listed at <http://userspace.selinuxproject.org/trac/wiki/Releases>.)
Thanks in advance for any help,
-- Steve Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20130521/a27091f1/attachment.html>
More information about the selinux
mailing list