Bug 596415 - bug in git policy
Summary: bug in git policy
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 13
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 596411 596412 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-05-26 17:58 UTC by Dominick Grift
Modified: 2010-06-08 19:27 UTC (History)
2 users (show)

Fixed In Version: selinux-policy-3.7.19-23.fc13
Clone Of:
Environment:
Last Closed: 2010-05-29 13:10:15 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
patch to remove buggy rules in git policy module (1.45 KB, patch)
2010-05-26 17:58 UTC, Dominick Grift 		no flags Details | Diff
View All

Description Dominick Grift 2010-05-26 17:58:09 UTC 
Created attachment 416954 [details]
patch to remove buggy rules in git policy module

Description of problem:

There is a bug in git policy that allows users to circumvent the restrictions in place for users executing content.

By removing these buggy rules git session content will be equal to userdom_user_home_content and same rules will apply

Version-Release number of selected component (if applicable):
any

See attached patch:
Comment 1 Daniel Walsh 2010-05-26 20:44:09 UTC 
Fixed in selinux-policy-3.7.19-22.fc13.noarch
Comment 2 Miroslav Grepl 2010-05-27 07:31:48 UTC 
*** Bug 596411 has been marked as a duplicate of this bug. ***
Comment 3 Miroslav Grepl 2010-05-27 07:32:10 UTC 
*** Bug 596412 has been marked as a duplicate of this bug. ***
Comment 4 Fedora Update System 2010-05-28 12:27:22 UTC 
selinux-policy-3.7.19-22.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/selinux-policy-3.7.19-22.fc13
Comment 5 Dominick Grift 2010-05-29 13:10:15 UTC 
Confirmed to be fixed
Comment 6 Fedora Update System 2010-06-08 19:25:52 UTC 
selinux-policy-3.7.19-23.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.