On 4/27/2011 5:34 AM, Roberto Sassu wrote: > The SMACK label of new file descriptors is obtained from the credentials > set in the 'f_cred' field of the same structure. > > Signed-off-by: Roberto Sassu <[email protected]> > --- > security/smack/smack_lsm.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index c6f8fca..e3c9e54 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -1011,7 +1011,7 @@ static int smack_file_permission(struct file *file, int > mask) > */ > static int smack_file_alloc_security(struct file *file) > { > - file->f_security = smk_of_current(); > + file->f_security = smk_of_task(file->f_cred->security);
Now hang on. This just looks wrong. You're setting the value of one field of the file structure to another value in the same file structure. I don't see that this is what I want. > return 0; > } > _______________________________________________ Mailing list: https://launchpad.net/~ecryptfs-devel Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs-devel More help : https://help.launchpad.net/ListHelp
