Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree
for July 17: early crash on x86-64) SELinux needs MAY_APPEND to be passed down to the security hook. Otherwise, we get permission denials when only append permission is granted by policy even if the opening process specified O_APPEND. Shows up as a regression in the ltp selinux testsuite, fixed by this patch. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
94ad374a07
commit
f418b00607
1 changed files with 1 additions and 1 deletions
|
@ -274,7 +274,7 @@ int inode_permission(struct inode *inode, int mask)
|
|||
return retval;
|
||||
|
||||
return security_inode_permission(inode,
|
||||
mask & (MAY_READ|MAY_WRITE|MAY_EXEC));
|
||||
mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue