GitHub-Mirror/linux-bl808
2
0
Fork 0
mirror of https://github.com/Fishwaldo/linux-bl808.git synced 2025-06-17 20:25:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

audit: add netlink audit protocol bind to check capabilities on multicast join

Browse source 
Register a netlink per-protocol bind fuction for audit to check userspace
process capabilities before allowing a multicast group connection.

Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Richard Guy Briggs 2014-04-22 21:31:56 -04:00 committed by David S. Miller
parent 7774d5e03f
commit 3a101b8de0
3 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
security/selinux/include/classmap.h
View file

@ -147,7 +147,7 @@ struct security_class_mapping secclass_map[] = {
{ "peer", { "recv", NULL } },
{ "capability2",
{ "mac_override", "mac_admin", "syslog", "wake_alarm", "block_suspend",
NULL } },
"audit_read", NULL } },
{ "kernel_service", { "use_as_override", "create_files_as", NULL } },
{ "tun_socket",
{ COMMON_SOCK_PERMS, "attach_queue", NULL } },