mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree 

for July 17: early crash on x86-64)

SELinux needs MAY_APPEND to be passed down to the security hook.
Otherwise, we get permission denials when only append permission is
granted by policy even if the opening process specified O_APPEND.
Shows up as a regression in the ltp selinux testsuite, fixed by
this patch.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Stephen Smalley 2008-07-28 13:32:38 -04:00 committed by Al Viro
parent 94ad374a07
commit f418b00607
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fs/namei.c
View File

@ -274,7 +274,7 @@ int inode_permission(struct inode *inode, int mask)
return retval;
return security_inode_permission(inode,
mask & (MAY_READ|MAY_WRITE|MAY_EXEC));
mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND));
}
/**