smack: fix key permission verification - openslx/kernel-qcow2-linux.git

diff options

author	Dmitry Kasatkin	2014-03-14 18:44:49 +0100
committer	David Howells	2014-03-14 18:44:49 +0100
commit	fffea214abf66a8672cfd6697fae65e743e22f11 (patch)
tree	a1e7c6d02c070bf0a92c9650aee2fd7d292f4623 /include/linux/security.h
parent	KEYS: Move the flags representing required permission to linux/key.h (diff)
download	kernel-qcow2-linux-fffea214abf66a8672cfd6697fae65e743e22f11.tar.gz kernel-qcow2-linux-fffea214abf66a8672cfd6697fae65e743e22f11.tar.xz kernel-qcow2-linux-fffea214abf66a8672cfd6697fae65e743e22f11.zip

smack: fix key permission verification

For any keyring access type SMACK always used MAY_READWRITE access check. It prevents reading the key with label "_", which should be allowed for anyone. This patch changes default access check to MAY_READ and use MAY_READWRITE in only appropriate cases. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com>

Diffstat (limited to 'include/linux/security.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: