author | rwatson <rwatson@FreeBSD.org> | 2008-01-28 10:20:18 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2008-01-28 10:20:18 +0000 |
commit | 3043fa2dcad55ad5c0c175bbd66df5dd259e697a (patch) | |
tree | 04ba973c40fea604dcdcb98192ba5f326744089d | |
parent | 956e8b1018e703b0092adfa565b14ca20b8c13cb (diff) | |

Properly return the error from mls_subject_privileged() in the ifnet
relabel check for MLS rather than returning 0 directly.

This problem didn't result in a vulnerability currently as the central
implementation of ifnet relabeling also checks for UNIX privilege, and
we currently don't guarantee containment for the root user in mac_mls,
but we should be using the MLS definition of privilege as well as the
UNIX definition in anticipation of supporting root containment at some
point.

MFC after: 3 days
Submitted by: Zhouyi Zhou <zhouzhouyi at gmail dot com>
Sponsored by: Google SoC 2007

-rw-r--r-- | sys/security/mac_mls/mac_mls.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/sys/security/mac_mls/mac_mls.c b/sys/security/mac_mls/mac_mls.c index eb3ab0e..acf9423 100644 --- a/sys/security/mac_mls/mac_mls.c +++ b/sys/security/mac_mls/mac_mls.c @@ -964,9 +964,7 @@ mls_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp, /* * Relabeling network interfaces requires MLS privilege. */ - error = mls_subject_privileged(subj); - - return (0); + return (mls_subject_privileged(subj)); } static int |
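
Review bot: With the `error = mls_subject_privileged(subj);` assignment removed at the end of mls_ifnet_check_relabel(), check whether the local `error` is still assigned anywhere earlier in the function; if this was its only use, drop the declaration in the same commit so the build does not pick up an unused-variable warning. The old shape, storing the result and then falling through to `return (0);`, fails open without any compiler complaint, so it is worth checking the other check functions in mac_mls.c for the same store-then-return-0 pattern before the MFC.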