diff options
author | David Howells <dhowells@redhat.com> | 2009-09-02 04:13:50 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-09-02 07:29:06 -0400 |
commit | 0c2c9a3fc77e8b60d43d9bd2ca46eb4dddb0ff76 (patch) | |
tree | e718aa64ab3b5d4fd73f7a837ee9ea0debfcc773 /security/keys | |
parent | 5593122eec26b061cc0b6fbff32118f1aadf4a27 (diff) |
KEYS: Allow keyctl_revoke() on keys that have SETATTR but not WRITE perm [try #6]
Allow keyctl_revoke() to operate on keys that have SETATTR but not WRITE
permission, rather than only on keys that have WRITE permission.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/keys')
-rw-r--r-- | security/keys/keyctl.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c index b85ace218395..1160b644dace 100644 --- a/security/keys/keyctl.c +++ b/security/keys/keyctl.c | |||
@@ -343,7 +343,13 @@ long keyctl_revoke_key(key_serial_t id) | |||
343 | key_ref = lookup_user_key(id, 0, KEY_WRITE); | 343 | key_ref = lookup_user_key(id, 0, KEY_WRITE); |
344 | if (IS_ERR(key_ref)) { | 344 | if (IS_ERR(key_ref)) { |
345 | ret = PTR_ERR(key_ref); | 345 | ret = PTR_ERR(key_ref); |
346 | goto error; | 346 | if (ret != -EACCES) |
347 | goto error; | ||
348 | key_ref = lookup_user_key(id, 0, KEY_SETATTR); | ||
349 | if (IS_ERR(key_ref)) { | ||
350 | ret = PTR_ERR(key_ref); | ||
351 | goto error; | ||
352 | } | ||
347 | } | 353 | } |
348 | 354 | ||
349 | key_revoke(key_ref_to_ptr(key_ref)); | 355 | key_revoke(key_ref_to_ptr(key_ref)); |