diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-10-23 18:32:22 +0200 |
---|---|---|
committer | Anthony G. Basile <blueness@gentoo.org> | 2014-10-25 18:33:38 -0400 |
commit | c649be35f12331321ef2e5da522d91baa9a77550 (patch) | |
tree | d2089560aad580a7e3a5c6e14375c5684171b07c | |
parent | 65e7a7fcba7e5aeb0bb1521070d7bc0547663975 (diff) |
smack: never follow symlinks when relabelling
previously mac_smack_apply(path, NULL) would operate on the symlink
itself while mac_smack_apply(path, "foo") would follow the symlink.
Let's clean this up an always operate on the symlink, which appears to
be the safer option.
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
-rw-r--r-- | src/shared/smack-util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c index 34f9c68733..8ba4617d85 100644 --- a/src/shared/smack-util.c +++ b/src/shared/smack-util.c @@ -50,7 +50,7 @@ int mac_smack_apply(const char *path, const char *label) { return 0; if (label) - r = setxattr(path, "security.SMACK64", label, strlen(label), 0); + r = lsetxattr(path, "security.SMACK64", label, strlen(label), 0); else r = lremovexattr(path, "security.SMACK64"); if (r < 0) |