Re: [Patch 1/2] selinux: ajust rules for ATTR_FORCE

[Amerigo Wang]

OGAWA Hirofumi wrote:
> [My ISP still seems to be stopping email server :-/]
>
>   
> > > > So if I read this correctly, (ATTR_FORCE| ATTR_KILL_SUID|ATTR_MODE) will 
> > > > not return here, since 'ia_valid' will be ATTR_FORCE finally.
> > > >
> > > > I think you forgot to clear ATTR_FORCE here...
> > > >         
> > > Whoops, good catch. Fortunately, it doesn't seem to have actual problem,
> > > but it's bug obviously, and sorry for that. Fixed patch was attached.
> > >       
> > You can add my:
> > Acked-by:  Stephen Smalley <sds@xxxxxxxxxxxxx>
> >     
>
> Thanks.
>
> Amerigo, could you handle that patch with his ack for the remaining work?
>   

No problem, I will resend the newest patch with his Ack.
> BTW, I think [Patch 2/2] of
>
> -	newattrs.ia_valid |= should_remove_suid(dentry);
> +	ret = should_remove_suid(dentry);
> +	newattrs.ia_valid |= ret;
> +	if (ret)
> +		newattrs.ia_valid |= ATTR_FORCE;
>
> should be
>
> 	killsuid = should_remove_suid(dentry);
> 	if (killsuid)
> 		newattrs.ia_valid |= killsuid | ATTR_FORCE;
>   

Hmm, I almost forgot this... This only saves one statement if 'ret == 
0', but that is OK, I will change it.

Thanks!

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/