Smack: Privilege check on key operations
Smack: Privilege check on key operations Operations on key objects are subjected to Smack policy even if the process is privileged. This is inconsistent with the general behavior of Smack and may cause issues with authentication by privileged daemons. This patch allows processes with CAP_MAC_OVERRIDE to access keys even if the Smack rules indicate otherwise. Reported-by: NJose Bollo <jobol@nonadev.net> Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com>
Showing
想要评论请 注册 或 登录