[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[patch #4848] Patch - Support for SELinux
From: |
James Youngman |
Subject: |
[patch #4848] Patch - Support for SELinux |
Date: |
Sun, 22 Feb 2009 15:51:06 +0000 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.6) Gecko/2009020407 Iceweasel/3.0.6 (Debian-3.0.6-1) |
Follow-up Comment #3, patch #4848 (project findutils):
OK, the patch is a viable start - thanks for contributing it - but there are
a number of problems:
* It does not update the Texinfo documentation at all!
* It makes --version emit SELINUX even if that feature is not availble. This
is especially a problem because now there is presumably a significant
installed base of RH-related machines that give misleading information. Since
the gnulib implementation is a stub even if the compiled program is then run
on a SELinux-enabled system, this is an unfortunate bug. If a binary RPM
package made with this patch has never been built on a machine lacking the
selinux development libraries, this may be a bug without impact though.
* The costlookup[] initialisation sets pred_context to NeedsNothing, which
will presumably lead the optimiser to prefer it to much cheaper tests (for
example -type). I would guess that NeedsAccessInfo is probably approximately
the right cost (though I have not looked at the SELinux implementation).
* parse_context leaves pred->est_success_rate at 1.0, which is on average an
overestimate.
There are also some minor issues which are just not a big deal (not patching
the NEWS or ChangeLog files, spurious introduction of pred->args.scontext).
Fortunately these problems only affect users who actually make use of
-context (or look for SELINUX in the --version output).
I would be happy to apply an updated version of this patch if you'd care to
make one.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/patch/?4848>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/