KEYS: Make /proc/keys check to see if a key is possessed before security check - linux

diff options

author	David Howells <dhowells@redhat.com>	2010-06-11 18:31:10 +0200
committer	James Morris <jmorris@namei.org>	2010-08-02 07:34:27 +0200
commit	927942aabbbe506bf9bc70a16dc5460ecc64c148 (patch)
tree	2c53ccb405bd4afb03ff9f7acab892fafc7e9b0f /security/tomoyo/file.c
parent	KEYS: Authorise keyctl_set_timeout() on a key if we have its authorisation key (diff)
download	linux-927942aabbbe506bf9bc70a16dc5460ecc64c148.tar.xz linux-927942aabbbe506bf9bc70a16dc5460ecc64c148.zip

KEYS: Make /proc/keys check to see if a key is possessed before security check

Make /proc/keys check to see if the calling process possesses each key before performing the security check. The possession check can be skipped if the key doesn't have the possessor-view permission bit set. This causes the keys a process possesses to show up in /proc/keys, even if they don't have matching user/group/other view permissions. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>

Diffstat (limited to 'security/tomoyo/file.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: