diff options
author | Lennart Poettering <lennart@poettering.net> | 2014-10-23 18:32:22 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2014-10-23 21:36:56 +0200 |
commit | d1ce2089b4b2fb1f1d8faba9a0aa6d9f8fbb0638 (patch) | |
tree | a09b078837d731a0808bc871ff892562f240984b /src | |
parent | d53e386db62ee7f03e7d493ae0e6db7a31a5d811 (diff) |
smack: never follow symlinks when relabelling
previously mac_smack_apply(path, NULL) would operate on the symlink
itself while mac_smack_apply(path, "foo") would follow the symlink.
Let's clean this up an always operate on the symlink, which appears to
be the safer option.
Diffstat (limited to 'src')
-rw-r--r-- | src/shared/smack-util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c index 4a94922a43..c345488d2e 100644 --- a/src/shared/smack-util.c +++ b/src/shared/smack-util.c @@ -50,7 +50,7 @@ int mac_smack_apply(const char *path, const char *label) { return 0; if (label) - r = setxattr(path, "security.SMACK64", label, strlen(label), 0); + r = lsetxattr(path, "security.SMACK64", label, strlen(label), 0); else r = lremovexattr(path, "security.SMACK64"); if (r < 0) |