Skip to content

Commit

Permalink
Fix process58 for Ubuntu
Browse files Browse the repository at this point in the history
  • Loading branch information
@bruducrot @jan-cerny
bruducrot authored and jan-cerny committed Sep 8, 2017
1 parent 4bcce34 commit 0844e5f
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions src/OVAL/probes/unix/process58.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -248,6 +248,10 @@ static char *get_selinux_label(int pid) {
return NULL;
}
context = context_new(pid_context);
if (context == NULL) {
/* Another LSM is in use */
return NULL;
}
selinux_label = strdup(context_type_get(context));
context_free(context);
freecon(pid_context);
Expand Down

1 comment on commit 0844e5f

@bachradsusi
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

More appropriate fix would be to check if SELinux is enabled first. getpidcon() gets information from /proc/<pid>/attr/current but this interface is used by other LSM's as well so the return value can be totally wrong and SELinux unrelated.

Please sign in to comment.