pluginscanner: Selinux enhanced file rights not handled correctly (#61) · Issues · GStreamer / gstreamer

pluginscanner: Selinux enhanced file rights not handled correctly

Submitted by kas..@..ain.de

Link to original bug (#733001)

Description

Following steps to reproduce

Installing Fluendo Code package
Enable Selinux
run gst-inspect-1.0
now all newy added codecs are blacklisted because we have not relabled the new installation
Disable Selinux
run gst-inspect will not change anything because files are unchanged and already on blacklist

Only deleting the registry would help.

Correct handling would be in
gst/gstregistry.c in function gst_registry_scan_path_level

and add in the checks for regular file

if (access(filename,X_OK)!=0) {
GST_TRACE_OBJECT (context->registry, "%s file status SeLinux executable file, ignoring",
filename);
g_free (filename);
continue;
}

So we check if the file is executable ( normal file rights and SeLinux). If not executable we just ignore it.
Tested on Linux it is working.

## Submitted by kas..@..ain.de

**[Link to original bug (#733001)](https://bugzilla.gnome.org/show_bug.cgi?id=733001)**  
## Description
Following steps to reproduce  
1. Installing Fluendo Code package  
2. Enable Selinux  
3. run gst-inspect-1.0  
4. now all newy added codecs are blacklisted because we have not relabled the new installation  
5. Disable Selinux  
6. run gst-inspect will not change anything because files are unchanged and already on blacklist  
  
Only deleting the registry would help.  
  
Correct handling would be in  
gst/gstregistry.c in function gst_registry_scan_path_level  
  
and add in the checks for regular file  
  
if (access(filename,X_OK)!=0) {  
      GST_TRACE_OBJECT (context->registry, "%s file status SeLinux executable file, ignoring",  
          filename);  
      g_free (filename);  
      continue;  
    }  
  
So we check if the file is executable ( normal file rights and SeLinux). If not executable we just ignore it.   
Tested on Linux it is working.

Discussion
Designs