From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
Domenico Andreoli <cavokz@gmail.com>,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
alan@lxorguk.ukuu.org.uk, Stephen Smalley <sds@tycho.nsa.gov>,
Eric Paris <eparis@parisplace.org>,
James Morris <jmorris@localhost.localdomain>
Subject: [patch 11/12] SELinux: clear parent death signal on SID transitions
Date: Mon, 8 Oct 2007 11:06:40 -0700 [thread overview]
Message-ID: <20071008180640.GL7627@kroah.com> (raw)
In-Reply-To: <20071008180551.GA7627@kroah.com>
[-- Attachment #1: selinux-clear-parent-death-signal-on-sid-transitions.patch --]
[-- Type: text/plain, Size: 934 bytes --]
From: Stephen Smalley <sds@tycho.nsa.gov>
commit 4ac212ad4e8fafc22fa147fc255ff5fa5435cf33 upstream.
Clear parent death signal on SID transitions to prevent unauthorized
signaling between SIDs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@parisplace.org>
Signed-off-by: James Morris <jmorris@localhost.localdomain>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
security/selinux/hooks.c | 3 +++
1 file changed, 3 insertions(+)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1906,6 +1906,9 @@ static void selinux_bprm_post_apply_cred
spin_unlock_irq(¤t->sighand->siglock);
}
+ /* Always clear parent death signal on SID transitions. */
+ current->pdeath_signal = 0;
+
/* Check whether the new SID can inherit resource limits
from the old SID. If not, reset all soft limits to
the lower of the current task's hard limit and the init
--
next prev parent reply other threads:[~2007-10-08 18:41 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20071008180406.052382073@mini.kroah.org>
2007-10-08 18:05 ` [patch 00/12] 2.6.22.10 -stable review Greg KH
2007-10-08 18:06 ` [patch 01/12] scsi_transport_spi: fix domain validation failure from incorrect width setting Greg KH
2007-10-08 18:06 ` [patch 02/12] sky2: reduce impact of watchdog timer Greg KH
2007-10-08 18:06 ` [patch 03/12] sky2: fix VLAN receive processing Greg KH
2007-10-08 18:06 ` [patch 04/12] sky2: fix transmit state on resume Greg KH
2007-10-08 18:06 ` [patch 05/12] libata: update drive blacklists Greg KH
2007-10-08 18:06 ` [patch 06/12] Fix ppp_mppe kernel stack usage Greg KH
2007-10-08 18:06 ` [patch 07/12] i2c-algo-bit: Read block data bugfix Greg KH
2007-10-08 18:06 ` [patch 08/12] NLM: Fix a circular lock dependency in lockd Greg KH
2007-10-08 20:01 ` Roel Kluin
2007-10-09 15:00 ` Trond Myklebust
2007-10-09 15:13 ` Greg KH
2007-10-09 15:27 ` Trond Myklebust
2007-10-09 20:41 ` [stable] " Greg KH
2007-10-08 18:06 ` [patch 09/12] Fix SMP poweroff hangs Greg KH
2007-10-09 15:17 ` Olof Johansson
2007-10-09 22:20 ` [stable] " Greg KH
2007-10-09 23:21 ` Thomas Gleixner
2007-10-09 23:27 ` Linus Torvalds
2007-10-09 23:35 ` Thomas Gleixner
2007-10-10 5:29 ` Linus Torvalds
[not found] ` <200710092359.47144.spaceman__spiff@cox.net>
2007-10-10 14:57 ` ARPM shutdown oops (Re: [stable] [patch 09/12] Fix SMP poweroff hangs) Linus Torvalds
2007-10-10 16:31 ` H. Peter Anvin
2007-10-11 3:05 ` Kevin
2007-10-11 15:31 ` Linus Torvalds
2007-10-11 18:42 ` Jeff Garzik
2007-10-11 19:19 ` Dave Jones
2007-10-11 20:55 ` Rafael J. Wysocki
2007-10-11 23:27 ` APM " Adrian Bunk
2007-10-12 12:05 ` Rafael J. Wysocki
2007-10-10 0:03 ` [stable] [patch 09/12] Fix SMP poweroff hangs Olof Johansson
2007-10-10 0:08 ` [PATCH] powerpc: don't enable cpu hotplug on mpic-based pseries Olof Johansson
2007-10-10 0:18 ` Stephen Rothwell
2007-10-10 0:38 ` [PATCH v2] " Olof Johansson
2007-10-10 10:08 ` Milton Miller
2007-10-10 16:43 ` Olof Johansson
2007-10-11 5:52 ` Paul Mackerras
2007-10-11 5:59 ` Olof Johansson
2007-10-11 0:24 ` [stable] [patch 09/12] Fix SMP poweroff hangs Paul Mackerras
2007-10-09 23:28 ` Greg KH
[not found] ` <alpine.LFD.0.999.0710091625520.3838@woody.linux%foundation.org>
2007-10-10 10:06 ` Milton Miller
2007-10-10 11:35 ` Rafael J. Wysocki
2007-10-08 18:06 ` [patch 10/12] Fix timer_stats printout of events/sec Greg KH
2007-10-08 18:06 ` Greg KH [this message]
2007-10-08 18:06 ` [patch 12/12] i386: Use global flag to disable broken local apic timer on AMD CPUs Greg KH
2007-10-08 18:09 ` [patch 00/12] 2.6.22.10 -stable review Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071008180640.GL7627@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=cavokz@gmail.com \
--cc=cebbert@redhat.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=eparis@parisplace.org \
--cc=jmforbes@linuxtx.org \
--cc=jmorris@localhost.localdomain \
--cc=linux-kernel@vger.kernel.org \
--cc=mkrufky@linuxtv.org \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=sds@tycho.nsa.gov \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox