Red Hat Bugzilla – Bug 227345
pam_namespace should convert the context names before it uses them as filenames
Last modified: 2007-11-30 17:07:41 EST
From Ted X Toth (txtoth at gmail com):
The CAPCO security labeling standard allows for characters that are both illegal
(for instance '/') and unsightly in filenames. This patch processes the
context to generate a more viable filename. It does so by replacing
unwanted characters with '_'. I put together a list of character to be
replaced but feel free to alter it. I created the patch against
Rawhide but hopefully it will work its way into RHEL5.
Created attachment 147358 [details]
Proposed patch by Ted X Toth
I don't think this would be unigues. The file context on disk should be stored
in untranslated form, which will always be a valid directory name.
Fixed in pam-0.99.6.2-17.el5 in dist-5E-lspp - we use raw contexts for dir names.
Created attachment 154209 [details]
test script to create directories
We've got 1024 possible categories and a 256 character limitation on file name
length so it would not be unreasonable to create an invalid file name with this
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.