linux_dsm_epyc7002/security/smack
Casey Schaufler d19dfe58b7 Smack: Privilege check on key operations
Smack: Privilege check on key operations

Operations on key objects are subjected to Smack policy
even if the process is privileged. This is inconsistent
with the general behavior of Smack and may cause issues
with authentication by privileged daemons. This patch
allows processes with CAP_MAC_OVERRIDE to access keys
even if the Smack rules indicate otherwise.

Reported-by: Jose Bollo <jobol@nonadev.net>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
2018-01-10 09:29:14 -08:00
..
Kconfig Smack: Signal delivery as an append operation 2016-09-08 13:22:56 -07:00
Makefile Smack: Repair netfilter dependency 2015-01-23 10:08:19 -08:00
smack_access.c Smack: Privilege check on key operations 2018-01-10 09:29:14 -08:00
smack_lsm.c Smack: Privilege check on key operations 2018-01-10 09:29:14 -08:00
smack_netfilter.c netfilter: nf_hook_ops structs can be const 2017-07-31 19:10:44 +02:00
smack.h Smack: Privilege check on key operations 2018-01-10 09:29:14 -08:00
smackfs.c fs: constify tree_descr arrays passed to simple_fill_super() 2017-04-26 23:54:06 -04:00