(2011/01/27 0:25), Robert Haas wrote:
> 2011/1/25 KaiGai Kohei<kaigai@ak.jp.nec.com>:
>> (2011/01/26 12:23), KaiGai Kohei wrote:
>>>>> Yikes. On further examination, exec_object_restorecon() is pretty
>>>>> bogus. Surely you need some calls to quote_literal_cstr() in there
>>>>> someplace.
>>>>
>>> Are you concerning about the object name being supplied to
>>> selabel_lookup_raw() in exec_object_restorecon()?
>>> I also think this quoting you suggested is reasonable.
>>>
>> How about the case when the object name only contains alphabet and
>> numerical characters?
>
> Oh, quote_literal_cstr() is the wrong function - these are
> identifiers, not literals. So we should use quote_identifier().
>
OK, I did with quote_identifier().
The attached patch fixes up several stuffs in sepgsql module.
- The object names being supplied to selabel_lookup_raw() to
lookup initial labels become qualified by quote_identifier(),
if necessary.
- On access violation, sepgsql_check_perms() records audit
logs. It contains object name being referenced.
It became generated using getObjectDescription().
- Also, sepgsql_audit_log() becomes to quote the supplied
object name, because it may contains white-space.
- Error messages become obtaining "%m", when the error was
originated from the libselinux interfaces. It will provides
DBA a hint why interactions with SELinux does not work well.
- Documentation was updated to suggest users to install
libselinux v2.0.93 or later, because it used newer features
than ones provided in v2.0.80.
- Regression Test was updated, because of error message updates.
Thanks,
--
KaiGai Kohei <kaigai@ak.jp.nec.com>
