summaryrefslogtreecommitdiffstats
path: root/security/Kconfig
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-09-10 08:27:12 +0200
committerJames Morris <jmorris@namei.org>2011-09-14 00:27:07 +0200
commita8f7640963ada66c412314c3559c11ff6946c1a5 (patch)
tree23d9fb5fe64bb431b610deb6c1b696356106f94d /security/Kconfig
parentTOMOYO: Allow domain transition without execve(). (diff)
downloadlinux-a8f7640963ada66c412314c3559c11ff6946c1a5.tar.xz
linux-a8f7640963ada66c412314c3559c11ff6946c1a5.zip
TOMOYO: Avoid race when retrying "file execute" permission check.
There was a race window that the pathname which is subjected to "file execute" permission check when retrying via supervisor's decision because the pathname was recalculated upon retry. Though, there is an inevitable race window even without supervisor, for we have to calculate the symbolic link's pathname from "struct linux_binprm"->filename rather than from "struct linux_binprm"->file because we cannot back calculate the symbolic link's pathname from the dereferenced pathname. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/Kconfig')
0 files changed, 0 insertions, 0 deletions