[Pm-utils] some simple patches from fedora

Stefan Seyfried seife at suse.de
Wed Jan 30 02:41:47 PST 2008

On Sun, Dec 23, 2007 at 11:33:52PM +0100, Till Maas wrote:
> Hi,
> here are some patches from Fedora that work on cvs HEAD, I guess the cfg patch 
> is known by everyone and the manpage typo is also pretty obvious. The logfile 
> patch is required on systems that use selinux. When the logfile is deleted, 
> the selinux context is lost. Therefore the patch changes pm-utils not to 
> remove the logfile.

If somebody managed to get a symlink where the logfile should be, you are fscked.
So i think this is less secure.

> There is no need to remove the logfile, because the ">" after exec in the next line
> already truncates the logfile to zero length. Also removing is wrong, because it

What it $PM_LOGFILE is a symlink to /etc/passwd?

> destroys the selinux context of the logfile. Bugzilla Reports:
> https://bugzilla.redhat.com/show_bug.cgi?id=237840
> https://bugzilla.redhat.com/show_bug.cgi?id=238068

Then fix selinux. No need to make pm-utils insecure.
Stefan Seyfried
R&D Team Mobile Devices            |              "Any ideas, John?"
SUSE LINUX Products GmbH, Nürnberg | "Well, surrounding them's out." 

This footer brought to you by insane German lawmakers:
SUSE Linux Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)

More information about the Pm-utils mailing list