bug-coreutils

Re: SELinux bugs with ls"


From: Jim Meyering
Subject: Re: SELinux bugs with ls"
Date: Tue, 11 Dec 2007 21:27:42 +0100

Paul Eggert <address@hidden> wrote:
> I found this by code inspection.  On SELinux, "ls -l" doesn't output
> the "+" indicating an alternate access method is in place, unless you
> also specify -Z.  But the point of the "+" is to warn users that the
> ordinary permissions don't tell the whole story.  So, on SELinux, the
> "+" should be output even if users don't specify -Z.
>
> While checking this, I found two closely-related problems:
>
> * The following code in length_of_file_name_and_frills might dump core if
>   format==with_commas && !f->scontext.
>
>   if (print_scontext)
>     len += 1 + (format == with_commas ? strlen (f->scontext) : scontext_width);
>
> * The code currently treats getfilecon failures as if they were stat failures,
>   which means 'ls' will refuse to print useful information for files that
>   stat correctly but fail with getfilecon.  It's more consistent to treat
>   a getfilecon failure like a file_has_acl failure, i.e., print a diagnostic
>   but then go ahead and print the stat-related info.
>
> Here's a patch.  I can't easily debug this (e.g., supply a test case)
> since I don't have easy access to SELinux.
>
> 2007-12-11  Paul Eggert  <address@hidden>
>
>       "ls -l" wouldn't output "+" on SELinux hosts unless -Z was also given.
>       * src/ls.c (gobble_file): Also get the file context if -l is specified.
>       Treat getfilecon failures like file_has_acl failures.
>       (UNKNOWN_SECURITY_CONTEXT): New constant.
>       (clear_files): Don't free it.
>       (gobble_file): Set unknown security contexts to it; that way, we
>       don't have to have special cases for unknown contexts.
>       (print_long_format, print_file_name_and_frills): Don't worry
>       about scontext being null, since it's always some string now.

Good catch!
Thank you.  I'll add the test case.
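
The sentinel approach described in the ChangeLog above, sketched as an added example that is not code from this thread or from coreutils' ls.c. The reduced struct fileinfo, the helper names set_scontext, scontext_len and clear_scontext, and the "?" value of the sentinel are assumptions; a NULL argument stands in for a getfilecon failure.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* Sentinel meaning "context unavailable"; the "?" value is an assumption. */
static char UNKNOWN_SECURITY_CONTEXT[] = "?";

enum format { long_format, with_commas };

struct fileinfo { const char *name; char *scontext; };

/* Store a heap copy of the context, or the sentinel when the lookup
   failed (ctx == NULL) or the copy could not be allocated, so that
   scontext is never NULL afterwards. */
static void set_scontext (struct fileinfo *f, const char *ctx)
{
  char *copy = ctx ? malloc (strlen (ctx) + 1) : NULL;
  if (copy)
    strcpy (copy, ctx);
  f->scontext = copy ? copy : UNKNOWN_SECURITY_CONTEXT;
}

/* Same expression as the quoted snippet; strlen is now safe for every
   file because scontext always points at some string. */
static size_t scontext_len (const struct fileinfo *f, enum format format,
                            size_t scontext_width)
{
  return 1 + (format == with_commas ? strlen (f->scontext) : scontext_width);
}

/* Release a context.  The sentinel is static storage and must not be
   freed.  Returns true if heap memory was released. */
static bool clear_scontext (struct fileinfo *f)
{
  bool owned = f->scontext != UNKNOWN_SECURITY_CONTEXT;
  if (owned)
    free (f->scontext);
  f->scontext = NULL;
  return owned;
}

int main (void)
{
  struct fileinfo ok = { "a", NULL }, failed = { "b", NULL };
  set_scontext (&ok, "system_u:object_r:etc_t:s0"); /* constructed sample */
  set_scontext (&failed, NULL);           /* simulated getfilecon failure */
  size_t total = scontext_len (&ok, with_commas, 0)
                 + scontext_len (&failed, with_commas, 0);
  clear_scontext (&ok);
  clear_scontext (&failed);
  return total == 27 + 2 ? 0 : 1;
}
```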
