From 4ac212ad4e8fafc22fa147fc255ff5fa5435cf33 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Wed, 29 Aug 2007 08:51:50 -0400 Subject: SELinux: clear parent death signal on SID transitions Clear parent death signal on SID transitions to prevent unauthorized signaling between SIDs. Signed-off-by: Stephen Smalley Acked-by: Eric Paris Signed-off-by: James Morris --- security/selinux/hooks.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'security/selinux') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d8bc4172819c..36946629b6ca 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1907,6 +1907,9 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm) spin_unlock_irq(¤t->sighand->siglock); } + /* Always clear parent death signal on SID transitions. */ + current->pdeath_signal = 0; + /* Check whether the new SID can inherit resource limits from the old SID. If not, reset all soft limits to the lower of the current task's hard limit and the init -- cgit v1.2.2