korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-11 21:38:32 +08:00
Code Issues Packages Projects Releases Wiki Activity
4262fb51c9
linux/security/smack
History
Stephen Smalley b21507e272 proc,security: move restriction on writing /proc/pid/attr nodes to proc 
Processes can only alter their own security attributes via
/proc/pid/attr nodes.  This is presently enforced by each individual
security module and is also imposed by the Linux credentials
implementation, which only allows a task to alter its own credentials.
Move the check enforcing this restriction from the individual
security modules to proc_pid_attr_write() before calling the security hook,
and drop the unnecessary task argument to the security hook since it can
only ever be the current task.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2017-01-09 10:07:31 -05:00
..
Kconfig Smack: Signal delivery as an append operation 2016-09-08 13:22:56 -07:00
Makefile Smack: Repair netfilter dependency 2015-01-23 10:08:19 -08:00
smack_access.c Smack: Remove unnecessary smack_known_invalid 2016-11-15 09:34:39 -08:00
smack_lsm.c proc,security: move restriction on writing /proc/pid/attr nodes to proc 2017-01-09 10:07:31 -05:00
smack_netfilter.c security: Use IS_ENABLED() instead of checking for built-in or module 2016-08-08 13:08:25 -04:00
smack.h Smack: Remove unnecessary smack_known_invalid 2016-11-15 09:34:39 -08:00
smackfs.c Smack: Remove unnecessary smack_known_invalid 2016-11-15 09:34:39 -08:00