Paolo Bonzini wrote: > Compiling a package without SELinux support can be a security problem. > ... > I'd like to include this check in sed 4.2.1 to warn packagers about the > additional dependency.
Can you explain why 'sed' is to be bothered about selinux at all? 'sed' does not do anything security relevant (uids, gids, passwords). It does access files. But isn't the necessary logic abstracted in the open() system call? > + if test "$ac_cv_search_setfilecon" = no && > + test "$host" = "$build" && test -f /selinux/enforce; then This requires adding AC_REQUIRE([AC_CANONICAL_HOST]) AC_REQUIRE([AC_CANONICAL_BUILD]) Bruno
