[Pkg-shadow-devel] Bug#472575: Bug#472575: Bug#472575: /usr/bin/passwd needs patch for better SE Linux support

Russell Coker russell at coker.com.au
Tue Mar 25 21:09:41 UTC 2008


On Wednesday 26 March 2008 04:08, Christian Perrier <bubulle at debian.org> 
wrote:
> Quoting Nicolas François (nicolas.francois at centraliens.net):
> > > password.  With SE Linux Strict policy a user who has UID==0 and the
> > > role user_r can do little damage to the system.
> >
> > Thanks for the patch. I will commit it for 4.1.1.
>
> Is there any need to discuss this with other distros?

Which other distros are you referring to?  Red Hat appears to use a different 
source base for passwd (and in any case a large part of my patch was copied 
from their code).  Who else has SE Linux support?

> (context for Russel: we are now upstream for shadow so we do our best
> to sync our improvements with other vendors who use it...."we"==mostly
> Nicolas François and a very little part of /me)

For distros using SE Linux my patch will never cause any problems (if the 
previous code worked) and will stop some cases where machines can get owned.





More information about the Pkg-shadow-devel mailing list