[Toybox] integration of SMACK

enh enh at google.com
Thu May 7 13:02:42 PDT 2015


nice! that worked out even better than i'd hoped.

On Thu, May 7, 2015 at 7:51 AM, José Bollo <jobol at nonadev.net> wrote:

> On Wednesday 06 May 2015 at 13:19 -0700, James McMechan wrote:
> > Looking at the fixes:
> >
> > toys/other/stat.c for group name outputting the user name seems like a good catch
> >
> > toys/posix/cp.c you are treating -p like --preserve=all not like -p which only does mode,ownership,timestamps
> > according to the man page -p does not copy over xattrs at all, which seems kind of odd...
> >
> > toys/posix/id.c seems to lose the TOYBOX_USR flag which I think ensures it is in /usr/bin like the regular version.
> >
> > this is the second case where you are using
> > (TOYBOX_SELINUX || TOYBOX_SMACK)
> > perhaps you should add a hidden symbol like TOYBOX_SECURITY that could have all the various versions || together and use that in place of doing it by hand each time for the ??_SECURITY symbol.
> >
> > also you pulled the
> > if (CFG_TOYBOX_FREE) free(context);
> > up into the two if statements rather than leaving it after both like it was. It should work as a good compiler will do tail combining but just having it sitting at the end is both clearer and shorter because both cases fall through to the same code.
> > The lines 151-169 look like an extra string e.g. "LSM Smack Disabled" vs "SELinux Disabled" and a slight shuffling of the if statements could make that much shorter both halves seem to be almost identical...
> >
> > toybox/posix/mkdir.c does the normal mkdir really reset the process label for all future use when you use -p & -Z ? should it set it back to normal when the command is done? or is that per process context that vanishes on exit?
> >
> > toys/posix/mkfifo.c lost TOYBOX_USR
> >
> > I could not find any way to comment on GitHub directly though.
> >
> > Jim
> (snip)
>
> Hello,
>
> From your comments, I made big changes that can be seen here
>
> https://github.com/jobol/toybox/tree/smack-9
>
> It introduces the files lib/security.[ch] to coalesce security stuff, as
> Elliott suggested.
>
> It also introduces SECURITY_(NONE|SMACK|SELINUX) macros... To be
> discussed I think.
>
> It also fixes some bugs that I found.
>
> 2 problems remain:
>  - the cp -p that I want to fix now
>  - the good alignment of special files in ls
>
> Thank you again for the review
>
> Best regards
> José Bollo
>
>
>


-- 
Elliott Hughes - http://who/enh - http://jessies.org/~enh/
Android native code/tools questions? Mail me/drop by/add me as a reviewer.