diff options
| author | bz <bz@FreeBSD.org> | 2008-10-17 08:58:33 +0000 |
|---|---|---|
| committer | bz <bz@FreeBSD.org> | 2008-10-17 08:58:33 +0000 |
| commit | 8e885f7f2de6daa7d3e9482c0aa90c25be08d12a (patch) | |
| tree | c301d19e2d182d398c33973f15757efb081a6bf9 /sys | |
| parent | 34697cecc70bcdfc22c33f719fb80e4fd987042b (diff) | |
| download | FreeBSD-src-8e885f7f2de6daa7d3e9482c0aa90c25be08d12a.zip FreeBSD-src-8e885f7f2de6daa7d3e9482c0aa90c25be08d12a.tar.gz | |
Use the label from the socket credential rather than the
solabel which was not set by the mac_partition policy.
Spotted by: rwatson
Reviewed by: rwatson
MFC after: 3 days
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/security/mac_partition/mac_partition.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c index 255e776..6a455a8 100644 --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -51,6 +51,7 @@ #include <sys/priv.h> #include <sys/proc.h> #include <sys/sbuf.h> +#include <sys/socketvar.h> #include <sys/systm.h> #include <sys/sysctl.h> @@ -248,7 +249,7 @@ partition_socket_check_visible(struct ucred *cred, struct socket *so, { int error; - error = label_on_label(cred->cr_label, solabel); + error = label_on_label(cred->cr_label, so->so_cred->cr_label); return (error ? ENOENT : 0); } |
