diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2005-11-09 00:34:32 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2005-11-09 10:55:51 -0500 |
commit | e517a0cd859ae0c4d9451107113fc2b076456f8f (patch) | |
tree | cf1c23d7d6715267ff7ee2b3dd5ba1c5ea8c0345 | |
parent | d34d7ae266b23932809c43f115fda71fc5e5fcb1 (diff) |
[PATCH] selinux: MLS compatibility
This patch enables files created on a MLS-enabled SELinux system to be
accessible on a non-MLS SELinux system, by skipping the MLS component of
the security context in the non-MLS case.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | security/selinux/ss/mls.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index aaefac2921f1..640d0bfdbc68 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c | |||
@@ -262,8 +262,11 @@ int mls_context_to_sid(char oldc, | |||
262 | struct cat_datum *catdatum, *rngdatum; | 262 | struct cat_datum *catdatum, *rngdatum; |
263 | int l, rc = -EINVAL; | 263 | int l, rc = -EINVAL; |
264 | 264 | ||
265 | if (!selinux_mls_enabled) | 265 | if (!selinux_mls_enabled) { |
266 | if (def_sid != SECSID_NULL && oldc) | ||
267 | *scontext += strlen(*scontext); | ||
266 | return 0; | 268 | return 0; |
269 | } | ||
267 | 270 | ||
268 | /* | 271 | /* |
269 | * No MLS component to the security context, try and map to | 272 | * No MLS component to the security context, try and map to |