mirror of
https://github.com/FEX-Emu/linux.git
synced 2024-12-23 09:56:00 +00:00
b21507e272
Processes can only alter their own security attributes via /proc/pid/attr nodes. This is presently enforced by each individual security module and is also imposed by the Linux credentials implementation, which only allows a task to alter its own credentials. Move the check enforcing this restriction from the individual security modules to proc_pid_attr_write() before calling the security hook, and drop the unnecessary task argument to the security hook since it can only ever be the current task. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Paul Moore <paul@paul-moore.com> |
||
---|---|---|
.. | ||
include | ||
.gitignore | ||
apparmorfs.c | ||
audit.c | ||
capability.c | ||
context.c | ||
crypto.c | ||
domain.c | ||
file.c | ||
ipc.c | ||
Kconfig | ||
lib.c | ||
lsm.c | ||
Makefile | ||
match.c | ||
path.c | ||
policy_unpack.c | ||
policy.c | ||
procattr.c | ||
resource.c | ||
sid.c |