linux

History

Stephen Smalley b21507e272 proc,security: move restriction on writing /proc/pid/attr nodes to proc Processes can only alter their own security attributes via /proc/pid/attr nodes. This is presently enforced by each individual security module and is also imposed by the Linux credentials implementation, which only allows a task to alter its own credentials. Move the check enforcing this restriction from the individual security modules to proc_pid_attr_write() before calling the security hook, and drop the unnecessary task argument to the security hook since it can only ever be the current task. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Paul Moore <paul@paul-moore.com>		2017-01-09 10:07:31 -05:00
..
array.c	fs/proc/array.c: slightly improve render_sigset_t	2016-12-12 18:55:09 -08:00
base.c	proc,security: move restriction on writing /proc/pid/attr nodes to proc	2017-01-09 10:07:31 -05:00
cmdline.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
consoles.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
cpuinfo.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
devices.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
fd.c	proc: Pass file mode to proc_pid_make_inode	2016-11-14 15:39:48 -05:00
fd.h	proc: unsigned file descriptors	2016-09-27 18:47:38 -04:00
generic.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
inode.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
internal.h	Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security	2016-12-14 13:57:44 -08:00
interrupts.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
Kconfig	fs, proc: add help for CONFIG_PROC_CHILDREN	2015-07-17 16:39:52 -07:00
kcore.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
kmsg.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
loadavg.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
Makefile	fs/proc: Add compiler check for -Wno-override-init to support gcc < 4.2	2016-08-03 12:45:23 -04:00
meminfo.c	meminfo: break apart a very long seq_printf with #ifdefs	2016-10-07 18:46:30 -07:00
namespaces.c	proc: Pass file mode to proc_pid_make_inode	2016-11-14 15:39:48 -05:00
nommu.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
page.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
proc_net.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
proc_sysctl.c	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs	2016-10-10 20:16:43 -07:00
proc_tty.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
root.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
self.c	vfs: remove ".readlink = generic_readlink" assignments	2016-12-09 16:45:04 +01:00
softirqs.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
stat.c	seq/proc: modify seq_put_decimal_[u]ll to take a const char *, not char	2016-10-07 18:46:30 -07:00
task_mmu.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00
task_nommu.c	fs/proc: Stop trying to report thread stacks	2016-10-20 09:21:41 +02:00
thread_self.c	vfs: remove ".readlink = generic_readlink" assignments	2016-12-09 16:45:04 +01:00
uptime.c	cputime: Default implementation of nsecs -> cputime conversion	2014-03-13 15:56:43 +01:00
version.c	fs/proc: don't use module_init for non-modular core code	2014-01-23 16:37:02 -08:00
vmcore.c	Replace <asm/uaccess.h> with <linux/uaccess.h> globally	2016-12-24 11:46:01 -08:00