After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 623692 - directory with file at multiple MLS levels may not display any files
directory with file at multiple MLS levels may not display any files
Status: RESOLVED FIXED
Product: glib
Classification: Platform
Component: gio
unspecified
Other Linux
: Normal normal
: ---
Assigned To: gtkdev
gtkdev
Depends on:
Blocks:
 
 
Reported: 2010-07-06 15:37 UTC by Matthias Clasen
Modified: 2010-07-08 18:22 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
a patch (6.26 KB, patch)
2010-07-06 15:37 UTC, Matthias Clasen 		none Details | Review

Description Matthias Clasen 2010-07-06 15:37:01 UTC 
Created attachment 165366 [details] [review]
a patch

When running with selinux-policy-mls in enforcing if a directory contains files
labeled at different levels/mls ranges for instance s1, s2 then nautilus may
not show any files when you navigate to that directory. ls will show file names
of files but no other info which is the model that should be followed by
nautilus.
Comment 1 Matthias Clasen 2010-07-06 15:37:51 UTC 
Proposed patch by Tomas Bzatek, modifying local GIO behaviour a little. 
When we get the EACCESS error on stat(), we still try to collect other attributes. No error is propagated to clients and only some attributes are set (usually name, display-name, edit-name, copy-name). Any other cases, error is fatal just like before. Please correct me if we can get any other types of errors with MLS.

From his testing it doesn't seem to break any stuff on restricted files,
applications will still report error during reading the contents. And we can't
sniff/guess MIME type, can't distinguish between regular file and directory,
can't even get selinux context or any xattrs.