On Tue, 2008-05-20 at 16:08 -0400, Stephen Smalley wrote:
Use non-auditing forms of the
permission checks as getxattr may be called by unprivileged processes
commonly and lack of permission just means that we fall back to the
in-core context value, not a denial.
If we do put this on list, lets make this an in code comment so its easy
to remember in another 100 years when the next poor sap has to figure
out what I am doing these days :)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4be1563..fe4f9ad 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2765,12 +2765,24 @@ static int selinux_inode_getsecurity(const struct inode *inode,
const char *name
u32 size;
int error;
char *context = NULL;
+ struct task_security_struct *tsec = current->security;
struct inode_security_struct *isec = inode->i_security;
if (strcmp(name, XATTR_SELINUX_SUFFIX))
return -EOPNOTSUPP;
- error = security_sid_to_context(isec->sid, &context, &size);
+ error = secondary_ops->capable(current, CAP_MAC_ADMIN);
+ if (!error)
+ error = avc_has_perm_noaudit(tsec->sid, tsec->sid,
+ SECCLASS_CAPABILITY2,
+ CAPABILITY2__MAC_ADMIN,
+ 0,
+ NULL);
+ if (!error)
+ error = security_sid_to_context_force(isec->sid, &context,
+ &size);
+ else
+ error = security_sid_to_context(isec->sid, &context, &size);
if (error)
return error;
error = size;