Re: [PATCH] LSM: Reorder security_capset to do access checks properly

2016-06-01 Thread Casey Schaufler
On 6/1/2016 1:38 PM, Stephen Smalley wrote:
> On 06/01/2016 04:30 PM, Casey Schaufler wrote:
>> On 6/1/2016 1:06 PM, Stephen Smalley wrote:
>>> On 06/01/2016 03:27 PM, Casey Schaufler wrote:
>>>> Subject: [PATCH] LSM: Reorder security_capset to do access checks p

Re: [PATCH] LSM: Reorder security_capset to do access checks properly

2016-06-01 Thread Stephen Smalley
On 06/01/2016 04:30 PM, Casey Schaufler wrote:
> On 6/1/2016 1:06 PM, Stephen Smalley wrote:
>> On 06/01/2016 03:27 PM, Casey Schaufler wrote:
>>> Subject: [PATCH] LSM: Reorder security_capset to do access checks properly
>>>
>>> The security module hooks that c

Re: [PATCH] LSM: Reorder security_capset to do access checks properly

2016-06-01 Thread Casey Schaufler
On 6/1/2016 1:06 PM, Stephen Smalley wrote:
> On 06/01/2016 03:27 PM, Casey Schaufler wrote:
>> Subject: [PATCH] LSM: Reorder security_capset to do access checks properly
>>
>> The security module hooks that check whether a process should
>> be able to set a new capset

Re: [PATCH] LSM: Reorder security_capset to do access checks properly

2016-06-01 Thread Stephen Smalley
On 06/01/2016 03:27 PM, Casey Schaufler wrote:
> Subject: [PATCH] LSM: Reorder security_capset to do access checks properly
>
> The security module hooks that check whether a process should
> be able to set a new capset are currently called after the new
> values are set in cap

[PATCH] LSM: Reorder security_capset to do access checks properly

2016-06-01 Thread Casey Schaufler
Subject: [PATCH] LSM: Reorder security_capset to do access checks properly

The security module hooks that check whether a process should be able to set a new capset are currently called after the new values are set in cap_capset(). This change reverses the order. The capability module no longer