Eric Paris
authored
Given an illegal selinux option it was possible for match_token to work in random memory at the end of the match_table_t array. Note that privilege is required to perform a context mount, so this issue is effectively limited to root only. Signed-off-by:Eric Paris <eparis@redhat.com> Acked-by:
Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by:
James Morris <jmorris@namei.org>
| Name | Last commit | Last update |
|---|---|---|
| .. | ||
| include | ||
| ss | ||
| Kconfig | ||
| Makefile | ||
| avc.c | ||
| exports.c | ||
| hooks.c | ||
| netif.c | ||
| netlabel.c | ||
| netlink.c | ||
| nlmsgtab.c | ||
| selinuxfs.c | ||
| xfrm.c | ||