mirror of
https://github.com/adulau/aha.git
synced 2024-12-28 03:36:19 +00:00
tomoyo: add missing call to cap_bprm_set_creds
cap_bprm_set_creds() has to be called from security_bprm_set_creds(). TOMOYO forgot to call cap_bprm_set_creds() from tomoyo_bprm_set_creds() and suid executables were not being working. Make sure we call cap_bprm_set_creds() with TOMOYO, to set credentials properly inside tomoyo_bprm_set_creds(). Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br> Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
e2a1b9ee23
commit
b1338d199d
1 changed files with 6 additions and 0 deletions
|
@ -27,6 +27,12 @@ static int tomoyo_cred_prepare(struct cred *new, const struct cred *old,
|
||||||
|
|
||||||
static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
|
static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
|
||||||
{
|
{
|
||||||
|
int rc;
|
||||||
|
|
||||||
|
rc = cap_bprm_set_creds(bprm);
|
||||||
|
if (rc)
|
||||||
|
return rc;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Do only if this function is called for the first time of an execve
|
* Do only if this function is called for the first time of an execve
|
||||||
* operation.
|
* operation.
|
||||||
|
|
Loading…
Reference in a new issue