summaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2007-08-29 08:51:50 -0400
committerJames Morris <jmorris@localhost.localdomain>2007-08-30 20:22:47 -0400
commit4ac212ad4e8fafc22fa147fc255ff5fa5435cf33 (patch)
tree9ab703429a2b24ccafc6748c1e0f2147f2b47114 /security/selinux
parenta1c582d0720f2eff61043e90711767decf37b917 (diff)
downloadkernel-crypto-4ac212ad4e8fafc22fa147fc255ff5fa5435cf33.tar.gz
kernel-crypto-4ac212ad4e8fafc22fa147fc255ff5fa5435cf33.tar.xz
kernel-crypto-4ac212ad4e8fafc22fa147fc255ff5fa5435cf33.zip
SELinux: clear parent death signal on SID transitions
Clear parent death signal on SID transitions to prevent unauthorized signaling between SIDs. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Eric Paris <eparis@parisplace.org> Signed-off-by: James Morris <jmorris@localhost.localdomain>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/hooks.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index d8bc4172819..36946629b6c 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1907,6 +1907,9 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm)
spin_unlock_irq(&current->sighand->siglock);
}
+ /* Always clear parent death signal on SID transitions. */
+ current->pdeath_signal = 0;
+
/* Check whether the new SID can inherit resource limits
from the old SID. If not, reset all soft limits to
the lower of the current task's hard limit and the init