diff options
| author | Eamon Walsh <ewalsh@tycho.nsa.gov> | 2009-08-10 18:34:07 -0400 |
|---|---|---|
| committer | Eamon Walsh <ewalsh@tycho.nsa.gov> | 2009-08-17 14:51:10 -0400 |
| commit | 73975ef3a39ce522c6206ca800ed175fbf851dcf (patch) | |
| tree | 8326edfeea37192db827f6989c64b0a430d1e02c /Xext | |
| parent | 66e32d252cffcd4fe7d505f1c211253f23c5002c (diff) | |
xselinux: Allow per-client device create contexts.
The previous behavior was to set the serverClient's value which was used globally.
This is in support of XI2, where clients can create device pairs directly.
Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov>
Diffstat (limited to 'Xext')
| -rw-r--r-- | Xext/xselinux.c | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/Xext/xselinux.c b/Xext/xselinux.c index d71895174..a199a0e46 100644 --- a/Xext/xselinux.c +++ b/Xext/xselinux.c @@ -1318,14 +1318,6 @@ ProcSELinuxSetCreateContext(ClientPtr client, unsigned offset) return BadAlloc; } - if (offset == CTX_DEV) { - /* Device create context currently requires manage permission */ - rc = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess); - if (rc != Success) - goto out; - privPtr = &serverClient->devPrivates; - } - ptr = dixLookupPrivate(privPtr, subjectKey); pSid = (security_id_t *)(ptr + offset); sidput(*pSid); @@ -1337,7 +1329,7 @@ ProcSELinuxSetCreateContext(ClientPtr client, unsigned offset) avc_context_to_sid_raw(ctx, pSid) < 0) rc = BadValue; } -out: + xfree(ctx); return rc; } |