diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2017-04-20 11:31:30 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2017-05-23 10:23:22 -0400 |
| commit | db59000ab760f8d77b07b7f2898ff61110f88607 (patch) | |
| tree | df6808b9f383cc449bff7630f8448319acaa475c /tools/net | |
| parent | 46be14d2b6fbc20c9e7008ec8c28b40609ef6f22 (diff) | |
| download | linux-db59000ab760f8d77b07b7f2898ff61110f88607.tar.bz2 | |
selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks
SELinux uses CAP_MAC_ADMIN to control the ability to get or set a raw,
uninterpreted security context unknown to the currently loaded security
policy. When performing these checks, we only want to perform a base
capabilities check and a SELinux permission check. If any other
modules that implement a capable hook are stacked with SELinux, we do
not want to require them to also have to authorize CAP_MAC_ADMIN,
since it may have different implications for their security model.
Rework the CAP_MAC_ADMIN checks within SELinux to only invoke the
capabilities module and the SELinux permission checking.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'tools/net')
0 files changed, 0 insertions, 0 deletions