Eric Paris 8b6a5a37f8 SELinux: check open perms in dentry_open not inode_permission ... Some operations, like searching a directory path or connecting a unix domain socket, make explicit calls into inode_permission. Our choices are to either try to come up with a signature for all of the explicit calls to inode_permission and do not check open on those, or to move the open checks to dentry_open where we know this is always an open operation. This patch moves the checks to dentry_open. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>		2008-10-31 02:00:52 +11:00
..
keys	keys: remove unused key_alloc_sem	2008-06-06 11:29:11 -07:00
selinux	SELinux: check open perms in dentry_open not inode_permission	2008-10-31 02:00:52 +11:00
smack	Merge branch 'master' of git://git.infradead.org/users/pcmoore/lblnet-2.6_next into next	2008-10-11 09:26:14 +11:00
capability.c	security: Fix setting of PF_SUPERPRIV by __capable()	2008-08-14 22:59:43 +10:00
commoncap.c	file capabilities: uninline cap_safe_nice	2008-09-27 15:07:56 +10:00
device_cgroup.c	devcgroup: fix race against rmdir()	2008-09-02 19:21:38 -07:00
inode.c	security: add/fix security kernel-doc	2008-08-20 20:16:32 +10:00
Kconfig	securityfs: do not depend on CONFIG_SECURITY	2008-08-28 10:47:42 +10:00
Makefile	securityfs: do not depend on CONFIG_SECURITY	2008-08-28 10:47:42 +10:00
root_plug.c	security: Fix setting of PF_SUPERPRIV by __capable()	2008-08-14 22:59:43 +10:00
security.c	Merge branch 'master' into next	2008-08-28 10:47:34 +10:00