*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: coreutils

Attempting to demonstrate the power of selinux I tried the following
demo (works in RHEL):

[EMAIL PROTECTED]:/var/www# ls -lZ /etc/shadow
-rw-r-----+ 1 root shadow system_u:object_r:shadow_t 1193 2008-03-17 17:55 /etc/shadow
[EMAIL PROTECTED]:/var/www# cp -a /etc/shadow .
[EMAIL PROTECTED]:/var/www# ls -lZ shadow
-rw-r-----+ 1 root shadow unconfined_u:object_r:var_t 1193 2008-03-17 17:55 shadow

As you can observe, while the cp -a (cp -p obviously is no different) preserves 
ownership and permissions, the selinux context is not preserved.
This has been flagged as a potential security risk because, as you can see, 
selinux becomes quite useless if contexts can't be preserved while copying 
things around.
Note: the "mv" command preserves the selinux context as expected.

[EMAIL PROTECTED]:/var/www# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.04
DISTRIB_CODENAME=hardy
DISTRIB_DESCRIPTION="Ubuntu hardy (development branch)"

[EMAIL PROTECTED]:/var/www# apt-cache policy coreutils
coreutils:
  Installed: 6.10-3ubuntu1
  Candidate: 6.10-3ubuntu1
  Version table:
 *** 6.10-3ubuntu1 0
        500 http://us.archive.ubuntu.com hardy/main Packages
        100 /var/lib/dpkg/status

** Affects: coreutils (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

-- 
"cp" command doesn't preserve selinux context
https://bugs.launchpad.net/bugs/203433
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
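
A check for the relabeling shown in the report, as an added example that is not part of the original bug report or of coreutils: it pulls the SELinux context out of two `ls -lZ` lines and compares the type. The function names are hypothetical, and the two sample lines are the report's own terminal output with the wrapped lines joined.

```shell
#!/bin/sh
# Added example: detect a lost SELinux label by comparing two `ls -lZ` lines.

# Print the SELinux context (user:role:type[:level]) found in one `ls -lZ` line.
# The first field with at least three colon-separated parts is taken, so the
# HH:MM time field is never mistaken for a context.
context_of() {
    printf '%s\n' "$1" | awk '{
        for (i = 1; i <= NF; i++)
            if ($i ~ /^[^:]+:[^:]+:[^:]+(:.+)?$/) { print $i; exit }
    }'
}

# Print the type, the third colon-separated part of a context.
# Type enforcement rules are written against this part.
type_of() {
    printf '%s\n' "$1" | cut -d: -f3
}

# Return 0 if source and copy carry the same type, 1 if the type changed,
# 2 if either line carries no context at all (for example, plain `ls -l`).
label_preserved() {
    src_ctx=$(context_of "$1")
    dst_ctx=$(context_of "$2")
    [ -n "$src_ctx" ] && [ -n "$dst_ctx" ] || return 2
    [ "$(type_of "$src_ctx")" = "$(type_of "$dst_ctx")" ]
}

# Lines copied from the report's terminal output (wrapped lines joined).
SRC_LINE='-rw-r-----+ 1 root shadow system_u:object_r:shadow_t 1193 2008-03-17 17:55 /etc/shadow'
DST_LINE='-rw-r-----+ 1 root shadow unconfined_u:object_r:var_t 1193 2008-03-17 17:55 shadow'

rc=0
label_preserved "$SRC_LINE" "$DST_LINE" || rc=$?
case $rc in
    0) echo "type preserved: $(context_of "$DST_LINE")" ;;
    1) echo "type changed: $(context_of "$SRC_LINE") -> $(context_of "$DST_LINE")" ;;
    *) echo "no SELinux context found in one of the lines" ;;
esac
```

On a live system, pass the `ls -lZ` output for the source and the copy in place of the two embedded lines.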
