* Mon Nov 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-3

- Raise exception if user tries to add file context with an embedded space
2009-11-16 21:54:45 +00:00 · 2009-11-16 21:54:45 +00:00 · 4e4a82e887
parent a1e42cb153
commit 4e4a82e887
2 changed files with 18 additions and 6 deletions
--- a/policycoreutils-rhat.patch
+++ b/policycoreutils-rhat.patch
@ -2670,7 +2670,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
                else:
 diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po -N -u -r nsapolicycoreutils/semanage/seobject.py policycoreutils-2.0.75/semanage/seobject.py
 --- nsapolicycoreutils/semanage/seobject.py	2009-09-08 09:03:10.000000000 -0400
-+++ policycoreutils-2.0.75/semanage/seobject.py	2009-11-09 16:03:04.000000000 -0500
+++ policycoreutils-2.0.75/semanage/seobject.py	2009-11-16 16:52:53.000000000 -0500
@@ -37,40 +37,6 @@
 
 import syslog
@ -3312,7 +3312,16 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
 
         def createcon(self, target, seuser = "system_u"):
                 (rc, con) = semanage_context_create(self.sh)
-@@ -1470,7 +1591,8 @@
+@@ -1446,6 +1567,8 @@
+         def validate(self, target):
+                if target == "" or target.find("\n") >= 0:
+                       raise ValueError(_("Invalid file specification"))
+               if target.find(" ") != -1:
+                      raise ValueError(_("File specification can not include spaces"))
+                       
+ 	def __add(self, target, type, ftype = "", serange = "", seuser = "system_u"):
+                 self.validate(target)
+@@ -1470,7 +1593,8 @@
                               raise ValueError(_("Could not check if file context for %s is defined") % target)
 
                 if exists:
@ -3322,7 +3331,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
 
 		(rc, fcontext) = semanage_fcontext_create(self.sh)
 		if rc < 0:
-@@ -1586,9 +1708,16 @@
+@@ -1586,9 +1710,16 @@
                               raise ValueError(_("Could not delete the file context %s") % target)
                        semanage_fcontext_key_free(k)
 	
@ -3339,7 +3348,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
 		(rc,k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
 		if rc < 0:
 			raise ValueError(_("Could not create a key for %s") % target)
-@@ -1643,12 +1772,22 @@
+@@ -1643,12 +1774,22 @@
 
 		return ddict
 			
@ -3364,7 +3373,7 @@ diff --exclude-from=exclude --exclude=sepolgen-1.0.17 --exclude=gui --exclude=po
 		for k in keys:
 			if fcon_dict[k]:
 				if is_mls_enabled:
-@@ -1794,6 +1933,16 @@
+@@ -1794,6 +1935,16 @@
                else:
                       return _("unknown")
 
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -6,7 +6,7 @@
 Summary: SELinux policy core utilities
 Name:	 policycoreutils
 Version: 2.0.75
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: GPLv2+
 Group:	 System Environment/Base
 Source:	 http://www.nsa.gov/selinux/archives/policycoreutils-%{version}.tgz
@ -296,6 +296,9 @@ fi
 exit 0

 %changelog
+* Mon Nov 16 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-3
+- Raise exception if user tries to add file context with an embedded space
+
 * Wed Nov 11 2009 Dan Walsh <dwalsh@redhat.com> 2.0.75-2
 - Fix sandbox to setsid so it can run under mozilla without crashing the session