bbs.cooldavid.org Git - net-next-2.6.git/commit

author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
	Thu, 29 Jul 2010 05:29:55 +0000 (14:29 +0900)
committer	James Morris <jmorris@namei.org>
	Mon, 2 Aug 2010 05:38:38 +0000 (15:38 +1000)
commit	484ca79c653121d3c79fffb86e1deea724f2e20b
tree	457aa73e37c9b5e5b4306430f40d1985b59ca226	tree \| snapshot (tar.bz2 tar.gz zip)
parent	4d6ec10bb4461fdc9a9ab94ef32934e13564e873	commit \| diff

TOMOYO: Use pathname specified by policy rather than execve()

Commit c9e69318 "TOMOYO: Allow wildcard for execute permission." changed execute
permission and domainname to accept wildcards. But tomoyo_find_next_domain()
was using pathname passed to execve() rather than pathname specified by the
execute permission. As a result, processes were not able to transit to domains
which contain wildcards in their domainnames.

This patch passes pathname specified by the execute permission back to
tomoyo_find_next_domain() so that processes can transit to domains which
contain wildcards in their domainnames.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>

security/tomoyo/common.h		diff \| blob \| blame \| history
security/tomoyo/domain.c		diff \| blob \| blame \| history
security/tomoyo/file.c		diff \| blob \| blame \| history
security/tomoyo/group.c		diff \| blob \| blame \| history
security/tomoyo/mount.c		diff \| blob \| blame \| history