diff options
author | Christian Göttsche | 2023-05-11 14:32:52 +0200 |
---|---|---|
committer | Greg Kroah-Hartman | 2023-09-13 09:42:23 +0200 |
commit | 896e9e57784cc48b9869d0574bd2c2be6cc1eaa8 (patch) | |
tree | 18d784baf1998252cbbe8daaa721aaaa2214f408 /fs/d_path.c | |
parent | 0ffed24af577cc942e4c546b167b5cf7ab3fff9e (diff) |
security: keys: perform capable check only on privileged operations
[ Upstream commit 2d7f105edbb3b2be5ffa4d833abbf9b6965e9ce7 ]
If the current task fails the check for the queried capability via
`capable(CAP_SYS_ADMIN)` LSMs like SELinux generate a denial message.
Issuing such denial messages unnecessarily can lead to a policy author
granting more privileges to a subject than needed to silence them.
Reorder CAP_SYS_ADMIN checks after the check whether the operation is
actually privileged.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'fs/d_path.c')
0 files changed, 0 insertions, 0 deletions