[Pkg-shadow-devel] Bug#941005: shadow uses obsolete SELinux API

[Laurent Bigonville]

Source: shadow
Version: 1:4.7-2
Severity: normal
User: selinux-devel at lists.alioth.debian.org
Usertags: selinux

Hello,

It seems that the shadow source package is using obsolete SELinux API,
for example:

In file included from passwd.c:46:
/usr/include/selinux/flask.h:5:2: warning: #warning "Please remove any #include's of this header in your source code." [-Wcpp]
 #warning "Please remove any #include's of this header in your source code."
  ^~~~~~~
/usr/include/selinux/flask.h:6:2: warning: #warning "Instead, use string_to_security_class() to map the class name to a value." [-Wcpp]
 #warning "Instead, use string_to_security_class() to map the class name to a value."
  ^~~~~~~
In file included from passwd.c:47:
/usr/include/selinux/av_permissions.h:1:2: warning: #warning "Please remove any #include of this header in your source code." [-Wcpp]
 #warning "Please remove any #include of this header in your source code."
  ^~~~~~~
/usr/include/selinux/av_permissions.h:2:2: warning: #warning "Instead, use string_to_av_perm() to map the permission name to a value." [-Wcpp]
 #warning "Instead, use string_to_av_perm() to map the permission name to a value."

That should be fixed as it could lead to security issues (or at least
weakened security) for people using SELinux

Kind regards,

Laurent Bigonville

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.2.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled