diff options
| author | Eamon Walsh <ewalsh@tycho.nsa.gov> | 2008-03-20 20:03:02 -0400 |
|---|---|---|
| committer | Eamon Walsh <ewalsh@moss-charon.epoch.ncsc.mil> | 2008-03-20 20:03:02 -0400 |
| commit | 3bbd77ff98478153afe3251de9ba11d757218213 (patch) | |
| tree | 1bf7cf7f36b38632ec14f7cec5152ddad29e3365 /Xext | |
| parent | e323bb426ce8a072d119cb2720b773241259c137 (diff) | |
XSELinux: Do a check for whether background "None" is allowed.
Diffstat (limited to 'Xext')
| -rw-r--r-- | Xext/xselinux.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/Xext/xselinux.c b/Xext/xselinux.c index 303589860..17ce7af10 100644 --- a/Xext/xselinux.c +++ b/Xext/xselinux.c @@ -1026,6 +1026,13 @@ SELinuxResource(CallbackListPtr *pcbl, pointer unused, pointer calldata) rc = SELinuxDoCheck(subj, obj, class, access_mode, &auditdata); if (rc != Success) rec->status = rc; + + /* Perform the background none check on windows */ + if (access_mode & DixCreateAccess && rec->rtype == RT_WINDOW) { + rc = SELinuxDoCheck(subj, obj, class, DixBlendAccess, &auditdata); + if (rc != Success) + ((WindowPtr)rec->res)->forcedBG = TRUE; + } } static void |