Re: [PATCH] warn on missing selinux files

[Paolo Bonzini]

Bruno Haible wrote:
> Paolo Bonzini wrote:
> > "sed -i" bothers. ... hard links ... the choice 
> > to break them or keep them must be done uniformly on all platforms
>
> This choice has been already been made public in sed's documentation:

Yes, the reference to keeping/breaking hard links was about when I added 
sed -i, not about a recent decision.

> > it must recreate the file (*) and then copy it 
> > to the old file name.  In doing so it must copy the security context 
> > just like it copies UIDs, GIDs, modes and ACLs.
>
> So this means:
>
>   1) The existing module 'copy-file' (used e.g. by gettext when creating
>      backup files) should be updated to copy also the selinux context of
>      the file. Anyone knows how to do that?

http://git.savannah.gnu.org/gitweb/?p=sed.git;a=commitdiff;h=fa01dd7 
should teach you, it's easier than I expected.

>   2) We should also have a module that creates a new, empty file with the
>      security context (uid, gid, mode, ACL and selinux context) of a given
>      file.

I don't think so, because most of the time you want restrictive 
permissions until the file is complete.  So we could instead have a 
module that takes a file descriptor and copies all the attributes of a 
given file (or descriptor) to it.

http://git.savannah.gnu.org/gitweb/?p=sed.git;a=commitdiff;h=5156c1 did 
this change for sed, I'm pretty sure you want it in copy-file too.  I 
cannot describe a case in which it constitutes a security problem, but 
I'm pretty sure one could be constructed.

Paolo