diff options
| author |   Linus Torvalds <torvalds@linux-foundation.org> | 2012-03-28 14:26:19 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-03-28 14:26:19 -0700 |
| commit | 683c5e853ebe2d1ac72128f1828421de7fc3a23c (patch) | |
| tree | 5efaa76d16915feea9241966a90ab93fa4d71397 /security/apparmor/file.c | |
| parent | Merge branch 'linux_next' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-edac (diff) | |
| parent | apparmor: Fix change_onexec when called from a confined task (diff) | |
| download | wireguard-linux-683c5e853ebe2d1ac72128f1828421de7fc3a23c.tar.xz wireguard-linux-683c5e853ebe2d1ac72128f1828421de7fc3a23c.zip | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull an Apparmor bugfix from James Morris.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
apparmor: Fix change_onexec when called from a confined task
Diffstat (limited to 'security/apparmor/file.c')
| -rw-r--r-- | security/apparmor/file.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/apparmor/file.c b/security/apparmor/file.c index 3022c0f4f0db..5d176f2530c9 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c @@ -215,6 +215,8 @@ static struct file_perms compute_perms(struct aa_dfa *dfa, unsigned int state, /* change_profile wasn't determined by ownership in old mapping */ if (ACCEPT_TABLE(dfa)[state] & 0x80000000) perms.allow |= AA_MAY_CHANGE_PROFILE; + if (ACCEPT_TABLE(dfa)[state] & 0x40000000) + perms.allow |= AA_MAY_ONEXEC; return perms; } |