178412 – xdm needs to have selinux patch

Bug 178412 - xdm needs to have selinux patch

Summary: xdm needs to have selinux patch

Keywords:
Status:	CLOSED CANTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	xorg-x11
Sub Component:
Version:	4.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	X/OpenGL Maintenance List
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-01-20 09:27 UTC by David Bestor
Modified:	2007-11-30 22:07 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-02-09 12:57:40 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
selinux patch (5.39 KB, patch) 2006-01-20 09:28 UTC, David Bestor	no flags	Details \| Diff
View All

Description David Bestor 2006-01-20 09:27:25 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050923 CentOS/1.0.7-1.4.1.1ment Firefox/1.0.7

Description of problem:
#before xdm patch
id -Z
user_u:system_r:initrc_t

su -
Password:
Your default context is root:system_r:unconfined_t.

Do you want to choose a different one? [n]
#

#after xdm patch
id -Z
user_u:system_r:unconfined_t

su -
Password:
#


Version-Release number of selected component (if applicable):
xorg-x11-xdm-6.8.2-1.EL.13.20

How reproducible:
Always

Steps to Reproduce:
1. use xdm
2. login
3. id -Z
4. su -

Actual Results:  Your default context is root:system_r:unconfined_t.

Expected Results:  Nothing

Additional info:

The real issue is xdm is not selinux aware.

Patch attached was from :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=233551
Although the bug was for xfree,the xorg patch was trivial.

Comment 1 David Bestor 2006-01-20 09:28:58 UTC

Created attachment 123472 [details]
selinux patch

patch for xdm and selinux

Comment 3 Mike A. Harris 2006-01-24 20:46:38 UTC

Feature enhancement requests for Red Hat Enterprise Linux can be made
by contacting Red Hat support services via 1-888-RED-HAT1, or by filing
a web support ticket at http://www.redhat.com/support depending on
the type of Red Hat support contract obtained.

The general process for feature requests, is to have the author of
the patch/code submit their code to X.Org bugzilla at
http://bugs.freedesktop.org in the "xorg" component for review and
consideration.  Once the patch has been accepted and committed to X.Org
CVS, it will then get wider community regression and stability testing.

Later, when it is considered stable upstream, we can then re-review the
official support request for consideration in a future RHEL OS update
or new OS release.

Once a request is filed in X.Org bugzilla, if someone provides us with
the upstream bug URL, we will also track the issue in the upstream bugzilla.

Thanks in advance.

Comment 4 Mike A. Harris 2006-02-09 12:57:40 UTC

Closing request due to lack of feedback/response to above queries.

Red Hat Enterprise Linux customers who wish to make an official feature
request for RHEL, can do so by logging into the Red Hat support website
at http://www.redhat.com/support or by contacting Red Hat support services
at 1-888-RED-HAT1 to make an official support request.

As mentioned in comment #3, most feature requests of this nature need
to be submitted directly to the upstream project and be accepted into
their codebase before we will consider inclusion in our products.

Setting status to "CANTFIX", as the prerequisites have not been met in
order for this feature to be considered for RHEL.

Note You need to log in before you can comment on or make changes to this bug.