aboutsummaryrefslogtreecommitdiff
path: root/xorg-server/Xext/xselinux_hooks.c
diff options
context:
space:
mode:
authormarha <marha@users.sourceforge.net>2011-03-04 15:38:04 +0000
committermarha <marha@users.sourceforge.net>2011-03-04 15:38:04 +0000
commit3592ad31cfc72ffff3c9024eecea7d3b987c7954 (patch)
tree0e3b50cb6bcd0839b591d318a41d04b7cbd8e6e2 /xorg-server/Xext/xselinux_hooks.c
parent79409465b0b8d5d38e6b94deb1943316f40c66eb (diff)
parent0a5888393c68f6f7db86206d1f277232db18240b (diff)
downloadvcxsrv-3592ad31cfc72ffff3c9024eecea7d3b987c7954.tar.gz
vcxsrv-3592ad31cfc72ffff3c9024eecea7d3b987c7954.tar.bz2
vcxsrv-3592ad31cfc72ffff3c9024eecea7d3b987c7954.zip
svn merge ^/branches/released .
Diffstat (limited to 'xorg-server/Xext/xselinux_hooks.c')
-rw-r--r--xorg-server/Xext/xselinux_hooks.c32
1 files changed, 16 insertions, 16 deletions
diff --git a/xorg-server/Xext/xselinux_hooks.c b/xorg-server/Xext/xselinux_hooks.c
index 57e49c090..1c048bd68 100644
--- a/xorg-server/Xext/xselinux_hooks.c
+++ b/xorg-server/Xext/xselinux_hooks.c
@@ -40,6 +40,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#include "propertyst.h"
#include "extnsionst.h"
#include "xacestr.h"
+#include "client.h"
#include "../os/osdep.h"
#define _XSELINUX_NEED_FLASK_MAP
#include "xselinuxint.h"
@@ -129,26 +130,25 @@ SELinuxLabelClient(ClientPtr client)
/* For local clients, try and determine the executable name */
if (XaceIsLocal(client)) {
- struct ucred creds;
- socklen_t len = sizeof(creds);
- char path[PATH_MAX + 1];
- size_t bytes;
-
- memset(&creds, 0, sizeof(creds));
- if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &creds, &len) < 0)
- goto finish;
+ /* Get cached command name if CLIENTIDS is enabled. */
+ const char *cmdname = GetClientCmdName(client);
+ Bool cached = (cmdname != NULL);
+ /* If CLIENTIDS is disabled, figure out the command name from
+ * scratch. */
+ if (!cmdname)
+ {
+ pid_t pid = DetermineClientPid(client);
+ if (pid != -1)
+ DetermineClientCmd(pid, &cmdname, NULL);
+ }
- snprintf(path, PATH_MAX + 1, "/proc/%d/cmdline", creds.pid);
- fd = open(path, O_RDONLY);
- if (fd < 0)
+ if (!cmdname)
goto finish;
- bytes = read(fd, path, PATH_MAX + 1);
- close(fd);
- if (bytes <= 0)
- goto finish;
+ strncpy(subj->command, cmdname, COMMAND_LEN - 1);
- strncpy(subj->command, path, COMMAND_LEN - 1);
+ if (!cached)
+ free((void *) cmdname); /* const char * */
}
finish:
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 04:35:54 +0000