]> err.no Git - linux-2.6/commit
selinux: fix labeling of /proc/net inodes
authorStephen Smalley <sds@tycho.nsa.gov>
Fri, 25 Jan 2008 18:03:42 +0000 (13:03 -0500)
committerJames Morris <jmorris@namei.org>
Sat, 26 Jan 2008 01:16:16 +0000 (12:16 +1100)
commitb1aa5301b9f88a4891061650c591fb8fe1c1d1da
tree701ee5bf6cefbf7545c91ebab614fda7d6fd6a27
parent99f1c97dbdb30e958edfd1ced0ae43df62504e07
selinux: fix labeling of /proc/net inodes

The proc net rewrite had a side effect on selinux, leading it to mislabel
the /proc/net inodes, thereby leading to incorrect denials.  Fix
security_genfs_sid to ignore extra leading / characters in the path supplied
by selinux_proc_get_sid since we now get "//net/..." rather than "/net/...".

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
security/selinux/ss/services.c