SELinux: Move execmod to the common perms
execmod "could" show up on non regular files and non chr files. The current implementation would actually make these checks against non-existant bits since the code assumes the execmod permission is same for all file types. To make this line up for chr files we had to define execute_no_trans and entrypoint permissions. These permissions are unreachable and only existed to to make FILE__EXECMOD and CHR_FILE__EXECMOD the same. This patch drops those needless perms as well. Signed-off-by: NEric Paris <eparis@redhat.com> Acked-by: NStephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: NJames Morris <jmorris@namei.org>
Showing
想要评论请 注册 或 登录