aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDarrel Goeddel <dgoeddel@trustedcs.com>2006-05-24 10:38:25 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2006-06-20 05:25:26 -0400
commit8ba8e0fbe6321961f6ba04e2fd7215b37d935c83 (patch)
tree040b02209b21a06fc0c45cafce599773c905ef75
parent014149cce19c5acb19014e57a5b739b7f64e6fbf (diff)
[PATCH] fix se_sen audit filter
Fix a broken comparison that causes the process clearance to be checked for both se_clr and se_sen audit filters. Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--security/selinux/ss/services.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index c284dbb8b8c0..e9548bc049e1 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1980,7 +1980,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op,
1980 break; 1980 break;
1981 case AUDIT_SE_SEN: 1981 case AUDIT_SE_SEN:
1982 case AUDIT_SE_CLR: 1982 case AUDIT_SE_CLR:
1983 level = (op == AUDIT_SE_SEN ? 1983 level = (field == AUDIT_SE_SEN ?
1984 &ctxt->range.level[0] : &ctxt->range.level[1]); 1984 &ctxt->range.level[0] : &ctxt->range.level[1]);
1985 switch (op) { 1985 switch (op) {
1986 case AUDIT_EQUAL: 1986 case AUDIT_EQUAL: