diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-09-10 08:22:48 +0200 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-09-14 00:27:05 +0200 |
commit | d58e0da854376841ac99defeb117a83f086715c6 (patch) | |
tree | b6e37d1030180680a7801ecb295d8d3990930375 /security/tomoyo/Makefile | |
parent | security: sparse fix: Move security_fixup_op to security.h (diff) | |
download | linux-d58e0da854376841ac99defeb117a83f086715c6.tar.xz linux-d58e0da854376841ac99defeb117a83f086715c6.zip |
TOMOYO: Add environment variable name restriction support.
This patch adds support for checking environment variable's names.
Although TOMOYO already provides ability to check argv[]/envp[] passed to
execve() requests,
file execute /bin/sh exec.envp["LD_LIBRARY_PATH"]="bar"
will reject execution of /bin/sh if environment variable LD_LIBRARY_PATH is not
defined. To grant execution of /bin/sh if LD_LIBRARY_PATH is not defined,
administrators have to specify like
file execute /bin/sh exec.envp["LD_LIBRARY_PATH"]="/system/lib"
file execute /bin/sh exec.envp["LD_LIBRARY_PATH"]=NULL
. Since there are many environment variables whereas conditional checks are
applied as "&&", it is difficult to cover all combinations. Therefore, this
patch supports conditional checks that are applied as "||", by specifying like
file execute /bin/sh
misc env LD_LIBRARY_PATH exec.envp["LD_LIBRARY_PATH"]="/system/lib"
which means "grant execution of /bin/sh if environment variable is not defined
or is defined and its value is /system/lib".
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo/Makefile')
-rw-r--r-- | security/tomoyo/Makefile | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/Makefile b/security/tomoyo/Makefile index 95278b71fc21..f7ade960f6cf 100644 --- a/security/tomoyo/Makefile +++ b/security/tomoyo/Makefile @@ -1,4 +1,4 @@ -obj-y = audit.o common.o condition.o domain.o file.o gc.o group.o load_policy.o memory.o mount.o realpath.o securityfs_if.o tomoyo.o util.o +obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o mount.o realpath.o securityfs_if.o tomoyo.o util.o $(obj)/policy/profile.conf: @mkdir -p $(obj)/policy/ |