Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 3bcac0263f0b45e67a64034ebcb69eb9abb742f4
commit3bcac0263f0b45e67a64034ebcb69eb9abb742f4[log] [tgz]
authorDavid Howells <dhowells@redhat.com>Wed Apr 29 13:45:05 2009 +0100
committerJames Morris <jmorris@namei.org>Thu Apr 30 09:07:13 2009 +1000
tree33f4db08edaa12e1c20df348e2fa28c7c2198ebe
parent88c48db9788862d0290831d081bc3c64e13b592f [diff]
SELinux: Don't flush inherited SIGKILL during execve()

Don't flush inherited SIGKILL during execve() in SELinux's post cred commit
hook.  This isn't really a security problem: if the SIGKILL came before the
credentials were changed, then we were right to receive it at the time, and
should honour it; if it came after the creds were changed, then we definitely
should honour it; and in any case, all that will happen is that the process
will be scrapped before it ever returns to userspace.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
3 files changed
tree: 33f4db08edaa12e1c20df348e2fa28c7c2198ebe
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. usr/
  20. virt/
  21. .gitignore
  22. .mailmap
  23. COPYING
  24. CREDITS
  25. Kbuild
  26. MAINTAINERS
  27. Makefile
  28. README
  29. REPORTING-BUGS