diff options
author | Darrel Goeddel <dgoeddel@trustedcs.com> | 2006-05-24 10:38:25 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2006-06-20 05:25:26 -0400 |
commit | 8ba8e0fbe6321961f6ba04e2fd7215b37d935c83 (patch) | |
tree | 040b02209b21a06fc0c45cafce599773c905ef75 | |
parent | 014149cce19c5acb19014e57a5b739b7f64e6fbf (diff) |
[PATCH] fix se_sen audit filter
Fix a broken comparison that causes the process clearance to be checked for
both se_clr and se_sen audit filters.
Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | security/selinux/ss/services.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index c284dbb8b8c0..e9548bc049e1 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c | |||
@@ -1980,7 +1980,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, | |||
1980 | break; | 1980 | break; |
1981 | case AUDIT_SE_SEN: | 1981 | case AUDIT_SE_SEN: |
1982 | case AUDIT_SE_CLR: | 1982 | case AUDIT_SE_CLR: |
1983 | level = (op == AUDIT_SE_SEN ? | 1983 | level = (field == AUDIT_SE_SEN ? |
1984 | &ctxt->range.level[0] : &ctxt->range.level[1]); | 1984 | &ctxt->range.level[0] : &ctxt->range.level[1]); |
1985 | switch (op) { | 1985 | switch (op) { |
1986 | case AUDIT_EQUAL: | 1986 | case AUDIT_EQUAL: |