| smack_access.c (7b3b6e42032e94a6132a85642e95106f5346650e) | smack_access.c (b6dff3ec5e116e3af6f537d4caedcad6b9e5082a) |
|---|---|
| 1/* 2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation, version 2. 7 * 8 * Author: --- 150 unchanged lines hidden (view full) --- 159 * in the access rule list and returns 0 if the access is permitted, 160 * non zero otherwise. It allows that current may have the capability 161 * to override the rules. 162 */ 163int smk_curacc(char *obj_label, u32 mode) 164{ 165 int rc; 166 | 1/* 2 * Copyright (C) 2007 Casey Schaufler <casey@schaufler-ca.com> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation, version 2. 7 * 8 * Author: --- 150 unchanged lines hidden (view full) --- 159 * in the access rule list and returns 0 if the access is permitted, 160 * non zero otherwise. It allows that current may have the capability 161 * to override the rules. 162 */ 163int smk_curacc(char *obj_label, u32 mode) 164{ 165 int rc; 166 |
| 167 rc = smk_access(current->security, obj_label, mode); | 167 rc = smk_access(current->cred->security, obj_label, mode); |
| 168 if (rc == 0) 169 return 0; 170 171 /* 172 * Return if a specific label has been designated as the 173 * only one that gets privilege and current does not 174 * have that label. 175 */ | 168 if (rc == 0) 169 return 0; 170 171 /* 172 * Return if a specific label has been designated as the 173 * only one that gets privilege and current does not 174 * have that label. 175 */ |
| 176 if (smack_onlycap != NULL && smack_onlycap != current->security) | 176 if (smack_onlycap != NULL && smack_onlycap != current->cred->security) |
| 177 return rc; 178 179 if (capable(CAP_MAC_OVERRIDE)) 180 return 0; 181 182 return rc; 183} 184 --- 180 unchanged lines hidden --- | 177 return rc; 178 179 if (capable(CAP_MAC_OVERRIDE)) 180 return 0; 181 182 return rc; 183} 184 --- 180 unchanged lines hidden --- |