linux-security-module July 2008 archive
Main Archive Page > Month Archives  > linux-security-module archives
linux-security-module: Re: [PATCH] CRED: Changes additional to n

Re: [PATCH] CRED: Changes additional to neutering sys_capset()

From: Andrew G. Morgan <morgan_at_nospam>
Date: Sun Jul 27 2008 - 03:31:12 GMT
To: David Howells <dhowells@redhat.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David,

Could you merge this patch with the original [4/7]? I'd rather review the combined patch if at all possible...

Thanks

Andrew

David Howells wrote:
| If sys_capset() is neutered then sys_capset() does not need to take the
| tasklist_lock and the capset security hooks don't need a target
pointer as the
| target may only be current.
|
| Signed-off-by: David Howells <dhowells@redhat.com>
| ---
|
| include/linux/security.h | 32 +++++++++++---------------------
| kernel/capability.c | 8 ++------
| security/commoncap.c | 18 ++++++++----------
| security/security.c | 11 ++++-------
| security/selinux/hooks.c | 12 +++++-------
| 5 files changed, 30 insertions(+), 51 deletions(-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIi+v/+bHCR3gb8jsRAlk1AKCPJO10kFNgWAROQxkCHp9t2SauvQCeMCNU wPiuiBMYfx26UdX3sTnvRkM=
=c6g+
-----END PGP SIGNATURE----- -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html