[PATCH][SELINUX] Fix name_bind audit

From: Stephen Smalley
Date: Mon Aug 16 2004 - 11:34:22 EST

Next message: Erik Jacobson: "[PATCH] Process Aggregates for 2.6.8"
Previous message: Stephen Smalley: "[PATCH][SELINUX] Defer inode security initialization"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This patch restores the proper auditing behavior for the name_bind check. Please apply.

Author: James Morris <jmorris@xxxxxxxxxx>
Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxxx>

security/selinux/hooks.c | 1 +
1 files changed, 1 insertion(+)

diff -urN -X dontdiff linux-2.6.8-rc4.o/security/selinux/hooks.c linux-2.6.8-rc4.w/security/selinux/hooks.c
--- linux-2.6.8-rc4.o/security/selinux/hooks.c 2004-08-10 01:20:16.000000000 -0400
+++ linux-2.6.8-rc4.w/security/selinux/hooks.c 2004-08-11 11:36:48.000000000 -0400
@@ -3078,6 +3078,7 @@
goto out;
AVC_AUDIT_DATA_INIT(&ad,NET);
ad.u.net.sport = htons(snum);
+ ad.u.net.family = family;
err = avc_has_perm(isec->sid, sid,
isec->sclass,
SOCKET__NAME_BIND, NULL, &ad);

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Erik Jacobson: "[PATCH] Process Aggregates for 2.6.8"
Previous message: Stephen Smalley: "[PATCH][SELINUX] Defer inode security initialization"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]