
Bug#493524: xdm: SE Linux patch was written for old version



On Sun, Aug  3, 2008 at 09:30:37 +1000, Russell Coker wrote:

> +#ifdef HAVE_SELINUX
> +/* This should be run just before we exec the user session. */
> +static int
> +xdm_selinux_setup (const char *login)
> +  {
> +	security_context_t scontext;
> +	int ret = -1;
> +	char *seuser=NULL;
> +	char *level=NULL;
> +
> +	/* If SELinux is not enabled, then we don't do anything. */
> +	if ( is_selinux_enabled () <= 0)
> +		return TRUE;
> +
> +	if (getseuserbyname(login, &seuser, &level) == 0)
> +		ret=get_default_context_with_level(seuser, level, 0, &scontext);
> +	if (ret < 0 || scontext == NULL) {
> +		LogError ("SELinux: unable to obtain default security context for %s\n", login);
> +		return FALSE;
> +	}
> +
> +	if (setexeccon (scontext) != 0) {
> +	freecon (scontext);
> +	LogError ("SELinux: unable to set executable context %s\n",
> +	      (char *)scontext);
> +	return FALSE;
> +	}
> +
> +	freecon (scontext);
> +	return TRUE;
> +}
> +#endif /* HAVE_SELINUX */
> +
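
Review bot: in the `setexeccon` failure branch, `freecon (scontext)` is called before `LogError` prints `(char *)scontext`, so the error message reads memory that has already been freed. Log first and call `freecon` afterwards. Separately, the `seuser` and `level` strings filled in by `getseuserbyname` are not released on any of the return paths that follow it; a `free (seuser); free (level);` before each of those returns would close that leak.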

Looks like seuser and level are never freed.  Am I missing something?

Cheers,
Julien


