Skip to content
This repository has been archived by the owner on Jun 18, 2018. It is now read-only.

libqpol does not correctly detect user range issues #72

Open
pebenito opened this issue Jan 20, 2016 · 0 comments
Open

libqpol does not correctly detect user range issues #72

pebenito opened this issue Jan 20, 2016 · 0 comments
Labels
bug setools/policyrep package

Comments

@pebenito
Copy link
Contributor

An invalid user:

user modified_change_level roles system level s2:c1 range s2:c0,c1;

was not detected by libqpol. Checkpolicy provides the following, albeit obtuse, error:

checkpolicy:  loading policy configuration from tests/diff_right.conf
libsepol.user_copy_callback: default level not within user range
Error while expanding policy
pebenito added a commit that referenced this issue Jan 20, 2016
@pebenito
PolicyDifferenceTest: fix invalid policies.
3227fb8 
Found the policy compile-load has a bug and does not detect if a user's
default level is not within the allowed range.

Opened #72 to track.
pebenito added a commit that referenced this issue Jan 20, 2016
@pebenito
SELinuxPolicyLoadError: create test suite for loading invalid policies
6f4860d 
Create a test case for testing user's default level not in the range,
#72 even though it is not yet fixed.
@pebenito pebenito modified the milestone: 4.0.0-beta Jan 26, 2016
fishilico pushed a commit to fishilico/old-setools that referenced this issue Aug 13, 2019
@pebenito
tests: Revise unit tests for binary-only policy support.
4684eca 
Closes OwlCyberDefense#72
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug setools/policyrep package
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pebenito