On 6/1/2016 1:38 PM, Stephen Smalley wrote:
> On 06/01/2016 04:30 PM, Casey Schaufler wrote:
>> On 6/1/2016 1:06 PM, Stephen Smalley wrote:
>>> On 06/01/2016 03:27 PM, Casey Schaufler wrote:
>>>> Subject: [PATCH] LSM: Reorder security_capset to do access checks p
On 06/01/2016 04:30 PM, Casey Schaufler wrote:
> On 6/1/2016 1:06 PM, Stephen Smalley wrote:
>> On 06/01/2016 03:27 PM, Casey Schaufler wrote:
>>> Subject: [PATCH] LSM: Reorder security_capset to do access checks properly
>>>
>>> The security module hooks that c
On 6/1/2016 1:06 PM, Stephen Smalley wrote:
> On 06/01/2016 03:27 PM, Casey Schaufler wrote:
>> Subject: [PATCH] LSM: Reorder security_capset to do access checks properly
>>
>> The security module hooks that check whether a process should
>> be able to set a new capset
On 06/01/2016 03:27 PM, Casey Schaufler wrote:
> Subject: [PATCH] LSM: Reorder security_capset to do access checks properly
>
> The security module hooks that check whether a process should
> be able to set a new capset are currently called after the new
> values are set in cap
Subject: [PATCH] LSM: Reorder security_capset to do access checks properly
The security module hooks that check whether a process should
be able to set a new capset are currently called after the new
values are set in cap_capset(). This change reverses the order.
The capability module no longer