Displaying 1 result from an estimated 1 matches for "getctxbyname".
2011 Dec 13
5
[Bug 1960] New: Running sshd in wrong SELinux context causes segmentation fault when a user logs in
...ssive mode), if
the SSH daemon runs in the wrong context (for instance kernel_t) a
logon of a user through SSH causes the session to terminate abruptly
due to a segmentation fault.
This is caused by not initializing the local variable "sc" in the
openbsd-compat/port-linux.c::ssh_selinux_getctxbyname() function. The
call to get_default_context() will result in the return code -1, but
"sc" is left untouched (and thus not a valid security_context_t
instance). Later in the function, "sc" is returned to the calling
function (which is ssh_selinux_setup_exec_context) which tries t...