Commit b1338d19 authored May 26, 2009 by Herton Ronaldo Krzesinski Committed by James Morris May 27, 2009

tomoyo: add missing call to cap_bprm_set_creds



cap_bprm_set_creds() has to be called from security_bprm_set_creds().
TOMOYO forgot to call cap_bprm_set_creds() from tomoyo_bprm_set_creds()
and suid executables were not being working.

Make sure we call cap_bprm_set_creds() with TOMOYO, to set credentials
properly inside tomoyo_bprm_set_creds().

Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

parent e2a1b9ee

security/tomoyo/tomoyo.c

+6 −0

Original line number	Diff line number	Diff line
		@@ -27,6 +27,12 @@ static int tomoyo_cred_prepare(struct cred new, const struct cred old,

		static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
		{
		int rc;

		rc = cap_bprm_set_creds(bprm);
		if (rc)
		return rc;

		/*
		* Do only if this function is called for the first time of an execve
		* operation.