Bug 453623 - sed -i changes security context
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sed
Version: 5.2
Platform: All Linux
Priority: low
Severity: low
Target Milestone: rc
Assigned To: Vojtech Vitek
Keywords: FutureFeature
Depends On: 524837
Reported: 2008-07-01 12:12 EDT by Petr Šplíchal
Modified: 2016-05-31 21:36 EDT
CC: 6 users
Doc Type: Enhancement
Last Closed: 2012-04-20 15:28:22 EDT
Attachments: None

Description Petr Šplíchal 2008-07-01 12:12:01 EDT
Description of problem:

After editing the nsswitch.conf file inside an RHTS test with sed -i I've
encountered an AVC denial because of a wrong security context of this file (which
was caused by sed).

Version-Release number of selected component (if applicable):
sed-4.1.5-5.fc6

Steps to reproduce:
Run the following as an RHTS test

ls -Z /etc/nsswitch.conf
-rw-r--r--  root root system_u:object_r:etc_t /etc/nsswitch.conf

sed -i 's/^passwd.*$/passwd: files winbind/' /etc/nsswitch.conf
ls -Z /etc/nsswitch.conf

Actual results:
-rw-r--r--  root root system_u:object_r:etc_runtime_t /etc/nsswitch.conf

Expected results:
-rw-r--r--  root root system_u:object_r:etc_t /etc/nsswitch.conf

Additional info:

sed opens a temporary file, filters input into it and then renames/moves it to
the original; the last operation may cause the change in context.

What about creating the copy first and then filtering its contents into the
original? In this way there would be no change in security context and/or file
permissions.
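To make the mechanism described in this report observable without an SELinux host, here is an added shell example (it is not part of the bug report and not code from the sed project). It uses the inode number as a proxy for "same file": plain GNU `sed -i` writes a temp file and renames it over the original, so the path ends up on a new inode, and on SELinux that new inode is labelled by the policy's default for files created in that directory (the etc_runtime_t seen above) instead of inheriting etc_t. Filtering into a temp file and copying the result back into the original, as the reporter proposes, rewrites the existing inode and so keeps owner, mode, ACLs and security context. The function names and the sample nsswitch.conf-style input are mine; the script assumes GNU sed on Linux.

```shell
#!/bin/sh
# Added example, not from the bug report: contrasts the two in-place editing
# strategies the report discusses, using the inode number as a proxy for
# "same file". A replaced inode is what loses the original SELinux label.

# Inode number of a path ('ls -i' is portable; 'stat -c %i' is GNU-only).
inode_of() {
    ls -i "$1" | awk '{ print $1 }'
}

# Strategy 1, plain GNU 'sed -i': output goes to a temp file in the same
# directory, which is then rename()d over the original. The path now refers
# to a NEW inode, labelled by the policy default for new files in that
# directory rather than by the original file's context.
edit_by_rename() {
    sed -i "$2" "$1"
}

# Strategy 2 (what the reporter proposes; the Fedora/RHEL-only 'sed -i -c'
# behaves the same way): filter into a temp file, then copy the result back
# INTO the original with a plain redirection. The redirection truncates and
# rewrites the existing inode, so none of its metadata changes.
edit_by_copyback() {
    f=$1 expr=$2
    tmp=$(mktemp "${TMPDIR:-/tmp}/sedkeep.XXXXXX") || return 1
    if sed "$expr" "$f" > "$tmp"; then
        cat "$tmp" > "$f"
        rc=$?
    else
        rc=$?   # sed failed: the original is left untouched
    fi
    rm -f "$tmp"
    return "$rc"
}

# Constructed sample shaped like the nsswitch.conf lines in the report.
make_sample() {
    printf 'passwd: files\ngroup:  files\nhosts:  files dns\n' > "$1"
}

# Run one strategy ($1 = function name) on a fresh sample and report
# "kept" or "replaced" depending on whether the inode survived.
inode_after() {
    d=$(mktemp -d) || return 1
    make_sample "$d/nsswitch.conf"
    before=$(inode_of "$d/nsswitch.conf")
    "$1" "$d/nsswitch.conf" 's/^passwd.*$/passwd: files winbind/' || return 1
    after=$(inode_of "$d/nsswitch.conf")
    rm -rf "$d"
    if [ "$before" = "$after" ]; then echo kept; else echo replaced; fi
}

# Usage:
#   inode_after edit_by_rename     # -> replaced
#   inode_after edit_by_copyback   # -> kept
```

The copy-back strategy is not free: it reads the whole file twice, which is the cost the maintainer weighs in the comments below. For a file that has already been relabelled by a rename, `restorecon /etc/nsswitch.conf` resets the label to the policy default, and `chcon --reference=ORIGINAL NEWFILE` copies a label from one file to another; newer GNU sed built with SELinux support copies the context onto the temp file itself.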
Comment 1 Petr Machata 2008-07-01 12:46:56 EDT
Would you try to use sed -i -c instead of merely sed -i?
Comment 2 Petr Šplíchal 2008-07-14 08:31:25 EDT
Oh, I see. I didn't notice this option. Anyway, shouldn't this behaviour be the
default one? Does anybody expect ownership and/or security context to be
modified when editing a file in place with the -i option? Is there any reason for
keeping the rename-like behaviour which happens without the -c option? I'd suggest
using -c always when running in in-place mode, which would automatically avoid
these unexpected changes.
Comment 3 Petr Machata 2008-07-14 09:18:34 EDT
I used the option because this was a Fedora/RHEL-specific change in behaviour (my
concern was that copying a potentially large file is something you may want to
avoid if possible).  I believe upstream sed already made this the default
behaviour, so as soon as the new sed appears, we will follow suit.
Comment 4 Paolo Bonzini 2009-06-25 14:08:17 EDT
(I'm speaking as the upstream maintainer).

The upstream version of sed introduced the --follow-symlinks option but it is an optional behavior; the --copy option was not taken (and will never be as long as I maintain sed).

The permission problem was fixed upstream by copying the owner and ACL, but not the security contexts.  I'm working on it right now.
Comment 14 RHEL Product and Program Management 2010-08-09 15:15:05 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 16 RHEL Product and Program Management 2011-09-22 20:29:03 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 17 Jake Kodak 2012-04-20 15:28:22 EDT
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. After consideration, Red Hat does not plan to incorporate the suggested capability in a future release of Red Hat Enterprise Linux. If you would like Red Hat to re-consider your feature request, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.