mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-05 08:26:59 +00:00
Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree
for July 17: early crash on x86-64) SELinux needs MAY_APPEND to be passed down to the security hook. Otherwise, we get permission denials when only append permission is granted by policy even if the opening process specified O_APPEND. Shows up as a regression in the ltp selinux testsuite, fixed by this patch. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
94ad374a07
commit
f418b00607
1 changed files with 1 additions and 1 deletions
|
@ -274,7 +274,7 @@ int inode_permission(struct inode *inode, int mask)
|
||||||
return retval;
|
return retval;
|
||||||
|
|
||||||
return security_inode_permission(inode,
|
return security_inode_permission(inode,
|
||||||
mask & (MAY_READ|MAY_WRITE|MAY_EXEC));
|
mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in a new issue