diff options
| author | Michael LeMay <mdlemay@epoch.ncsc.mil> | 2006-06-26 03:24:56 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-26 12:58:18 -0400 |
| commit | 06ec7be557a1259611d6093a00463c42650dc71a (patch) | |
| tree | b83cdbc8405e0a174939d36e4fe40fb8adb51071 /security/keys | |
| parent | e51f6d343789a4f0a2a7587ad7ec7746969d5c1c (diff) | |
[PATCH] keys: restrict contents of /proc/keys to Viewable keys
Restrict /proc/keys such that only those keys to which the current task is
granted View permission are presented.
The documentation is also updated to reflect these changes.
Signed-off-by: Michael LeMay <mdlemay@epoch.ncsc.mil>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security/keys')
| -rw-r--r-- | security/keys/proc.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/security/keys/proc.c b/security/keys/proc.c index 12b750e51fbf..686a9ee0c5de 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c | |||
| @@ -137,6 +137,13 @@ static int proc_keys_show(struct seq_file *m, void *v) | |||
| 137 | struct timespec now; | 137 | struct timespec now; |
| 138 | unsigned long timo; | 138 | unsigned long timo; |
| 139 | char xbuf[12]; | 139 | char xbuf[12]; |
| 140 | int rc; | ||
| 141 | |||
| 142 | /* check whether the current task is allowed to view the key (assuming | ||
| 143 | * non-possession) */ | ||
| 144 | rc = key_task_permission(make_key_ref(key, 0), current, KEY_VIEW); | ||
| 145 | if (rc < 0) | ||
| 146 | return 0; | ||
| 140 | 147 | ||
| 141 | now = current_kernel_time(); | 148 | now = current_kernel_time(); |
| 142 | 149 | ||