linux/security
Stephen Smalley 0794c66d49 selinux: handle files opened with flags 3 by checking ioctl permission
Handle files opened with flags 3 by checking ioctl permission.

Default to returning FILE__IOCTL from file_to_av() if the f_mode has neither
FMODE_READ nor FMODE_WRITE, and thus check ioctl permission on exec or
transfer, thereby validating such descriptors early as with normal r/w
descriptors and catching leaks of them prior to attempted usage.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2008-04-02 16:05:52 +11:00
..
keys Convert ERR_PTR(PTR_ERR(p)) instances to ERR_CAST(p) 2008-02-07 08:42:26 -08:00
selinux selinux: handle files opened with flags 3 by checking ioctl permission 2008-04-02 16:05:52 +11:00
smack smackfs: remove redundant lock, fix open(,O_RDWR) 2008-03-24 19:22:19 -07:00
Kconfig security: allow Kconfig to set default mmap_min_addr protection 2008-02-06 21:39:46 +08:00
Makefile Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
capability.c file capabilities: remove cap_task_kill() 2008-03-20 09:46:36 -07:00
commoncap.c file capabilities: remove cap_task_kill() 2008-03-20 09:46:36 -07:00
dummy.c LSM/SELinux: Interfaces to allow FS to control mount options 2008-03-06 08:40:53 +11:00
inode.c Kobject: convert remaining kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
root_plug.c security: Convert LSM into a static interface 2007-10-17 08:43:07 -07:00
security.c LSM/SELinux: Interfaces to allow FS to control mount options 2008-03-06 08:40:53 +11:00