aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2012-01-03 12:25:15 -0500
committerEric Paris <eparis@redhat.com>2012-01-05 18:53:00 -0500
commit69f594a38967f4540ce7a29b3fd214e68a8330bd (patch)
treedff25b5f5ef0736fb63b08729bec4ff57062c13f /security/selinux
parentf1c84dae0ecc51aa35c81f19a0ebcd6c0921ddcb (diff)
ptrace: do not audit capability check when outputing /proc/pid/stat
Reading /proc/pid/stat of another process checks if one has ptrace permissions on that process. If one does have permissions it outputs some data about the process which might have security and attack implications. If the current task does not have ptrace permissions the read still works, but those fields are filled with inocuous (0) values. Since this check and a subsequent denial is not a violation of the security policy we should not audit such denials. This can be quite useful to removing ptrace broadly across a system without flooding the logs when ps is run or something which harmlessly walks proc. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/hooks.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index c9605c4a2e08..14f94cd29c80 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1809,7 +1809,7 @@ static int selinux_ptrace_access_check(struct task_struct *child,
1809 if (rc) 1809 if (rc)
1810 return rc; 1810 return rc;
1811 1811
1812 if (mode == PTRACE_MODE_READ) { 1812 if (mode & PTRACE_MODE_READ) {
1813 u32 sid = current_sid(); 1813 u32 sid = current_sid();
1814 u32 csid = task_sid(child); 1814 u32 csid = task_sid(child);
1815 return avc_has_perm(sid, csid, SECCLASS_FILE, FILE__READ, NULL); 1815 return avc_has_perm(sid, csid, SECCLASS_FILE, FILE__READ, NULL);