[Pkg-shadow-devel] Bug#941005: Bug#941005: shadow uses obsolete SELinux API
Serge E. Hallyn
serge at hallyn.com
Tue Sep 24 03:09:47 BST 2019
Thanks. If you feel so inclined, please feel free to file an issue for it
at github.com/shadow-maint/shadow. I'll aim to fix this in the next week
or two. (A lot of travel coming up)
On Mon, Sep 23, 2019 at 01:16:10PM +0200, Laurent Bigonville wrote:
> Source: shadow
> Version: 1:4.7-2
> Severity: normal
> User: selinux-devel at lists.alioth.debian.org
> Usertags: selinux
>
> Hello,
>
> It seems that the shadow source package is using obsolete SELinux API,
> for example:
>
> In file included from passwd.c:46:
> /usr/include/selinux/flask.h:5:2: warning: #warning "Please remove any #include's of this header in your source code." [-Wcpp]
> #warning "Please remove any #include's of this header in your source code."
> ^~~~~~~
> /usr/include/selinux/flask.h:6:2: warning: #warning "Instead, use string_to_security_class() to map the class name to a value." [-Wcpp]
> #warning "Instead, use string_to_security_class() to map the class name to a value."
> ^~~~~~~
> In file included from passwd.c:47:
> /usr/include/selinux/av_permissions.h:1:2: warning: #warning "Please remove any #include of this header in your source code." [-Wcpp]
> #warning "Please remove any #include of this header in your source code."
> ^~~~~~~
> /usr/include/selinux/av_permissions.h:2:2: warning: #warning "Instead, use string_to_av_perm() to map the permission name to a value." [-Wcpp]
> #warning "Instead, use string_to_av_perm() to map the permission name to a value."
>
> That should be fixed as it could lead to security issues (or at least
> weakened security) for people using SELinux
>
> Kind regards,
>
> Laurent Bigonville
>
> -- System Information:
> Debian Release: bullseye/sid
> APT prefers unstable-debug
> APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 5.2.0-2-amd64 (SMP w/8 CPU cores)
> Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), LANGUAGE=fr_BE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> _______________________________________________
> Pkg-shadow-devel mailing list
> Pkg-shadow-devel at alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
More information about the Pkg-shadow-devel
mailing list