mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

add back in MAY_APPEND filtering that was accidentally removed in r475 with dir rename fix

Browse source
This commit is contained in:
John Johansen 2007-03-25 07:08:36 +00:00
parent 0d2e46088b
commit f5a8698fdf
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
module/apparmor/main.c
View file

@ -883,6 +883,9 @@ int aa_perm(struct aaprofile *active, struct dentry *dentry,
if (!active)
goto out;
/* AppArmor does not use append so mask it off */
mask &= ~MAY_APPEND;
if (!leaf && dentry->d_inode && S_ISDIR(dentry->d_inode->i_mode)) {
mask &= ~(AA_MAY_EXEC | AA_MAY_WRITE);
}
@ -945,6 +948,9 @@ int aa_perm_dentry(struct aaprofile *active, struct dentry *dentry, int mask)
if (!active)
goto out;
/* AppArmor does not use append so mask it off */
mask &= ~MAY_APPEND;
/* perm dentry is always called as a leaf so no mask filtering is
* done like in aa_perm */