From: Eric Paris <[EMAIL PROTECTED]>
Date: Fri, 02 Mar 2007 13:29:50 -0500
> The security hooks to check permissions to remove an xfrm_policy were
> actually done after the policy was removed. Since the unlinking and
> deletion are done in xfrm_policy_by* functions this moves the hooks
> inside
From: Eric Paris [EMAIL PROTECTED]
Date: Fri, 02 Mar 2007 13:29:50 -0500
The security hooks to check permissions to remove an xfrm_policy were
actually done after the policy was removed. Since the unlinking and
deletion are done in xfrm_policy_by* functions this moves the hooks
inside those
On Fri, 2 Mar 2007, Eric Paris wrote:
> Signed-off-by: Eric Paris <[EMAIL PROTECTED]>
Acked-by: James Morris <[EMAIL PROTECTED]>
--
James Morris
<[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More
On Mon, 2007-03-05 at 11:39 -0500, James Morris wrote:
> On Mon, 5 Mar 2007, Venkat Yekkirala wrote:
>
> > >
> > > Signed-off-by: Eric Paris <[EMAIL PROTECTED]>
> > Acked-by: Venkat Yekkirala <[EMAIL PROTECTED]>
>
> What about your previous comment:
>
> "I guess you meant to do this here?
>
> > >
> > > Signed-off-by: Eric Paris <[EMAIL PROTECTED]>
> > Acked-by: Venkat Yekkirala <[EMAIL PROTECTED]>
>
> What about your previous comment:
>
> "I guess you meant to do this here?
> else if (err)
> return err; "
I saw that this was taken care of in patch-2 for
On Mon, 5 Mar 2007, Venkat Yekkirala wrote:
> >
> > Signed-off-by: Eric Paris <[EMAIL PROTECTED]>
> Acked-by: Venkat Yekkirala <[EMAIL PROTECTED]>
What about your previous comment:
"I guess you meant to do this here?
else if (err)
return err; "
--
James Morris
> Also, [Joy cc'd] deletions here needn't be audited?
OK, I see the next patch addressed this :)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read
> @@ -2552,7 +2550,7 @@ static int pfkey_spdget(struct sock
> *sk, struct sk_buff *skb, struct sadb_msg *h
> return -EINVAL;
>
> xp = xfrm_policy_byid(XFRM_POLICY_TYPE_MAIN, dir,
> pol->sadb_x_policy_id,
> - hdr->sadb_msg_type ==
>
> Signed-off-by: Eric Paris <[EMAIL PROTECTED]>
Acked-by: Venkat Yekkirala <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read
Signed-off-by: Eric Paris [EMAIL PROTECTED]
Acked-by: Venkat Yekkirala [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ
Also, [Joy cc'd] deletions here needn't be audited?
OK, I see the next patch addressed this :)
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the
@@ -2552,7 +2550,7 @@ static int pfkey_spdget(struct sock
*sk, struct sk_buff *skb, struct sadb_msg *h
return -EINVAL;
xp = xfrm_policy_byid(XFRM_POLICY_TYPE_MAIN, dir,
pol-sadb_x_policy_id,
- hdr-sadb_msg_type == SADB_X_SPDDELETE2);
+
On Mon, 5 Mar 2007, Venkat Yekkirala wrote:
Signed-off-by: Eric Paris [EMAIL PROTECTED]
Acked-by: Venkat Yekkirala [EMAIL PROTECTED]
What about your previous comment:
I guess you meant to do this here?
else if (err)
return err;
--
James Morris
[EMAIL
Signed-off-by: Eric Paris [EMAIL PROTECTED]
Acked-by: Venkat Yekkirala [EMAIL PROTECTED]
What about your previous comment:
I guess you meant to do this here?
else if (err)
return err;
I saw that this was taken care of in patch-2 for the delete case, but
On Mon, 2007-03-05 at 11:39 -0500, James Morris wrote:
On Mon, 5 Mar 2007, Venkat Yekkirala wrote:
Signed-off-by: Eric Paris [EMAIL PROTECTED]
Acked-by: Venkat Yekkirala [EMAIL PROTECTED]
What about your previous comment:
I guess you meant to do this here?
else if
On Fri, 2 Mar 2007, Eric Paris wrote:
Signed-off-by: Eric Paris [EMAIL PROTECTED]
Acked-by: James Morris [EMAIL PROTECTED]
--
James Morris
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo
16 matches
Mail list logo
