3d2195c332
When I introduced open perms policy didn't understand them and I implemented them as a policycap. When I added the checking of open perm to truncate I forgot to conditionalize it on the userspace defined policy capability. Running an old policy with a new kernel will not check open on open(2) but will check it on truncate. Conditionalize the truncate check the same as the open check. Signed-off-by: Eric Paris <eparis@redhat.com> Cc: stable@vger.kernel.org # 3.4.x Signed-off-by: James Morris <james.l.morris@oracle.com> |
||
|---|---|---|
| .. | ||
| include | ||
| ss | ||
| .gitignore | ||
| avc.c | ||
| exports.c | ||
| hooks.c | ||
| Kconfig | ||
| Makefile | ||
| netif.c | ||
| netlabel.c | ||
| netlink.c | ||
| netnode.c | ||
| netport.c | ||
| nlmsgtab.c | ||
| selinuxfs.c | ||
| xfrm.c | ||