diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2007-08-29 08:51:50 -0400 |
---|---|---|
committer | James Morris <jmorris@localhost.localdomain> | 2007-08-30 20:22:47 -0400 |
commit | 4ac212ad4e8fafc22fa147fc255ff5fa5435cf33 (patch) | |
tree | 9ab703429a2b24ccafc6748c1e0f2147f2b47114 | |
parent | a1c582d0720f2eff61043e90711767decf37b917 (diff) | |
download | op-kernel-dev-4ac212ad4e8fafc22fa147fc255ff5fa5435cf33.zip op-kernel-dev-4ac212ad4e8fafc22fa147fc255ff5fa5435cf33.tar.gz |
SELinux: clear parent death signal on SID transitions
Clear parent death signal on SID transitions to prevent unauthorized
signaling between SIDs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@parisplace.org>
Signed-off-by: James Morris <jmorris@localhost.localdomain>
-rw-r--r-- | security/selinux/hooks.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d8bc417..3694662 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1907,6 +1907,9 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm) spin_unlock_irq(¤t->sighand->siglock); } + /* Always clear parent death signal on SID transitions. */ + current->pdeath_signal = 0; + /* Check whether the new SID can inherit resource limits from the old SID. If not, reset all soft limits to the lower of the current task's hard limit and the init |