Guardian Digital Inc. > InfoCenter > Mailing List Archives > Linux Kernel

Linux Kernel Mailing List Archive

From: Stephen Smalley (sds@epoch.ncsc.mil)
Date: Wed Dec 15 2004 - 16:15:55 EST

On Wed, 2004-12-15 at 15:00, Serge E. Hallyn wrote:
> The security_bprm_apply_creds() function is called from
> fs/exec.c:compute_creds() under task_lock(current). SELinux must
> perform some work which is unsafe in that context, and therefore
> explicitly drops the task_lock, does the work, and re-acquires the
> task_lock. This is unsafe if other security modules are stacked after
> SELinux, as their bprm_apply_creds assumes that the 'unsafe' variable is
> still meaningful, that is, that the task_lock has not been dropped.
> The attached patch splits bprm_apply_creds into two functions,
> bprm_apply_creds and bprm_final_setup, where final_setup is called right
> after the task_lock has been dropped.

Two minor notes:
1) I'd suggest moving the unsafe field from task_security_struct to
bprm_security_struct, as there is no reason for this flag to live beyond
the lifecycle of the binprm.
2) Comment in security.h says 'task_list' where it should be

Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[ About Guardian Digital ] - [ Press Center ] - [ Contact Us ] - [ System Activation ] - [ Reseller Info ] - [ Online Store ] - [ Site Map ]
Copyright (c) 2000 - 2004 Guardian Digital, Inc. Linux Lockbox and EnGarde are Trademarks of Guardian Digital, Inc.