Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-3849

set_selinux_context needs parameter checks

    XMLWordPrintable

Details

    • Night's Watch

    Description

      Snippet from PR review

      I'm more concerned abut the set_selinux_context() function, where the 'value' argument isn't being checked for whitespace or colons. At around line 97, if 'value' includes a colon, then when the context is split up based on the colons and joined back together again, the components in the context string will pushed to the left by the new colon added by 'value'. Puppet then gives a cryptic 'can't set the SELinux context' error instead of a better 'SELinux components can't include whitespace or colons' error.

      Note when component is false, when value is the entire context replacement string, which can include whitespace in the MLS section will include colons between components, so any checks on value should be in the 'then' clause ~ line 88.

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. PUP-1747 Selinux parsing with multiple levels

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Accepted
          relates to

          Bug - A problem which impairs or prevents the functions of the product. PUP-3481 Regex problem with an SELinux context type with a dash

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Activity

            People

              Unassigned Unassigned
              kylo Kylo Ginsberg
              Eric Thompson Eric Thompson
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support