tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

libselinux: getcon.3: add note about PID races

Browse source 
Add a note that querying a foreign process via its PID is inherently
racy.

Suggested-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: Jason Zaman <jason@perfinion.com>
This commit is contained in:
Christian Göttsche 2023-02-01 14:15:16 +01:00 committed by Jason Zaman
parent 494eb683f3
commit 49e65b85d6
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
libselinux/man/man3/getcon.3
View file

@ -149,5 +149,9 @@ The retrieval functions might return success and set
.I *context
to NULL if and only if SELinux is not enabled.
Querying a foreign process via its PID, e.g. \fBgetpidcon\fR() or
\fBgetpidprevcon\fR(), is inherently racy and therefore should never be relied
upon for security purposes.
.SH "SEE ALSO"
.BR selinux "(8), " setexeccon "(3)"