Commit 341c2d80 authored Mar 11, 2006 by Stephen Smalley Committed by Linus Torvalds Mar 11, 2006

[PATCH] selinux: tracer SID fix



Fix SELinux to not reset the tracer SID when the child is already being
traced, since selinux_ptrace is also called by proc for access checking
outside of the context of a ptrace attach.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

parent 4136cabf

security/selinux/hooks.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1262,7 +1262,7 @@ static int selinux_ptrace(struct task_struct parent, struct task_struct child)

		rc = task_has_perm(parent, child, PROCESS__PTRACE);
		/* Save the SID of the tracing process for later use in apply_creds. */
		if (!rc)
		if (!(child->ptrace & PT_PTRACED) && !rc)
		csec->ptrace_sid = psec->sid;
		return rc;
		}