diff options
author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2014-08-19 15:48:39 +0200 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-09-09 16:28:52 +0200 |
commit | 17f4bad3abc7c09f42987d89ccccab02c03455a9 (patch) | |
tree | 308b64c40ab744ab7d65419bbd6df73cc559365c /security/inode.c | |
parent | ima: remove unnecessary appraisal test (diff) | |
download | linux-17f4bad3abc7c09f42987d89ccccab02c03455a9.tar.xz linux-17f4bad3abc7c09f42987d89ccccab02c03455a9.zip |
ima: remove usage of filename parameter
In all cases except ima_bprm_check() the filename was not defined
and ima_d_path() was used to find the full path. Unfortunately,
the bprm filename is a relative pathname (eg. ./<dir>/filename).
ima_bprm_check() selects between bprm->interp and bprm->filename.
The following dump demonstrates the differences between using
filename and interp.
bprm->filename
filename: ./foo.sh, pathname: /root/bin/foo.sh
filename: ./foo.sh, pathname: /bin/dash
bprm->interp
filename: ./foo.sh, pathname: /root/bin/foo.sh
filename: /bin/sh, pathname: /bin/dash
In both cases the pathnames are currently the same. This patch
removes usage of filename and interp in favor of d_absolute_path.
Changes v3:
- 11 extra bytes for "deleted" not needed (Mimi)
- purpose "replace relative bprm filename with full pathname" (Mimi)
Changes v2:
- use d_absolute_path() instead of d_path to work in chroot environments.
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/inode.c')
0 files changed, 0 insertions, 0 deletions