[redhat-lspp] [Fwd: pam_namespace patch]
Tomas Mraz
tmraz at redhat.com
Wed Jan 24 15:40:47 UTC 2007
On Wed, 2007-01-24 at 10:26 -0500, Daniel J Walsh wrote:
> Forwarding this for comment on the redhat-lspp list.
>
> -------- Original Message --------
> Subject: pam_namespace patch
> Date: Wed, 24 Jan 2007 08:45:27 -0600
> From: Xavier Toth <txtoth at gmail.com>
> To: dwalsh at redhat.com
>
>
>
> Dan,
> I'm not sure who to send this to because I haven't submitted a patch
> before but you seemed to be a good candidate. The CAPCO security
> labeling standard allows for characters that are both illegal (for
> instance '/') and unsightly in filenames. This patch processes the
> context to generate a more viable filename. It does so by replacing
> unwanted characters with '_'. I put together a list of character to be
> replaced but feel free to alter it. I created the patch against
> Rawhide but hopefully it will work its way into RHEL5.
What about potential collisions created by this? I mean it is perhaps
possible (although probably not common and wise) to have two contexts on
a system having the same name differing only by the special characters.
It must be either properly documented in pam_namespace documentation or
the conversion function must be changed to use a different way how to
translate it (perhaps using an URL encoding %XX format?).
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the redhat-lspp
mailing list