[PATCH v3 2/2] Xext: Use general OS functions to determine client command string in SELinux.
Rami Ylimäki
rami.ylimaki at vincit.fi
Fri Oct 1 08:14:45 PDT 2010
SELinux could be also modified to take advantage of client ID tracking
but we don't introduce that dependency here. People interested in
SELinux are free to add that dependency later.
Signed-off-by: Rami Ylimäki <rami.ylimaki at vincit.fi>
---
Xext/xselinux_hooks.c | 22 +++++-----------------
1 files changed, 5 insertions(+), 17 deletions(-)
diff --git a/Xext/xselinux_hooks.c b/Xext/xselinux_hooks.c
index 560e1e9..73a1179 100644
--- a/Xext/xselinux_hooks.c
+++ b/Xext/xselinux_hooks.c
@@ -129,26 +129,14 @@ SELinuxLabelClient(ClientPtr client)
/* For local clients, try and determine the executable name */
if (XaceIsLocal(client)) {
- struct ucred creds;
- socklen_t len = sizeof(creds);
- char path[PATH_MAX + 1];
- size_t bytes;
+ pid_t pid = GetPidFromClient(client);
+ const char *cmd = GetCommandFromPid(pid);
- memset(&creds, 0, sizeof(creds));
- if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &creds, &len) < 0)
+ if (!cmd)
goto finish;
- snprintf(path, PATH_MAX + 1, "/proc/%d/cmdline", creds.pid);
- fd = open(path, O_RDONLY);
- if (fd < 0)
- goto finish;
-
- bytes = read(fd, path, PATH_MAX + 1);
- close(fd);
- if (bytes <= 0)
- goto finish;
-
- strncpy(subj->command, path, COMMAND_LEN - 1);
+ strncpy(subj->command, cmd, COMMAND_LEN - 1);
+ free((void *) cmd);
}
finish:
--
1.6.3.3
More information about the xorg-devel
mailing list