git.ipfire.org Git - thirdparty/coreutils.git/commit

author	Christian Göttsche <cgzones@googlemail.com>
	Tue, 19 Dec 2023 14:55:28 +0000 (15:55 +0100)
committer	Pádraig Brady <P@draigBrady.com>
	Tue, 19 Dec 2023 17:34:33 +0000 (17:34 +0000)
commit	98d463ef5d44b9dfe6757942251164b56795b06f
tree	5add6be8c26bb7d931ea9f1911609ec1e518d620	tree
parent	343b8d7ba705c4e2a537bdc06ac6aa043e5f9e31	commit \| diff

copy,install: avoid unnecessary security context translations

Do not perform SELinux context translation for operations not involving
user input or output. Context translation converts MCS/MLS labels into
human readable form, which is useful for user facing applications like
ls(1) or the --context=CTX argument of cp(1).

* src/copy.c (set_process_security_ctx): Use raw selinux variants.
* src/install.c (need_copy): Likewise.
(setdefaultfilecon): Likewise.
* src/selinux.c (computecon): Likewise.
(defaultcon): Likewise.
* tests/cp/no-ctx.sh: Add raw variants to preload lib.
* NEWS: Mention the improvement.

NEWS		diff \| blob \| blame \| history
src/copy.c		diff \| blob \| blame \| history
src/install.c		diff \| blob \| blame \| history
src/selinux.c		diff \| blob \| blame \| history
tests/cp/no-ctx.sh		diff \| blob \| blame \| history