From: Greg Kroah-Hartman Date: Mon, 8 Oct 2007 17:32:15 +0000 (-0700) Subject: another patch added to queue X-Git-Tag: v2.6.22.10~4 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b229faf8db1f56222965b7d2ffbe36f44dd7e57a;p=thirdparty%2Fkernel%2Fstable-queue.git another patch added to queue --- diff --git a/queue-2.6.22/selinux-clear-parent-death-signal-on-sid-transitions.patch b/queue-2.6.22/selinux-clear-parent-death-signal-on-sid-transitions.patch new file mode 100644 index 00000000000..baddd99de5a --- /dev/null +++ b/queue-2.6.22/selinux-clear-parent-death-signal-on-sid-transitions.patch @@ -0,0 +1,33 @@ +From 4ac212ad4e8fafc22fa147fc255ff5fa5435cf33 Mon Sep 17 00:00:00 2001 +From: Stephen Smalley +Date: Wed, 29 Aug 2007 08:51:50 -0400 +Subject: [PATCH] SELinux: clear parent death signal on SID transitions + +From: Stephen Smalley + +commit 4ac212ad4e8fafc22fa147fc255ff5fa5435cf33 upstream. + +Clear parent death signal on SID transitions to prevent unauthorized +signaling between SIDs. + +Signed-off-by: Stephen Smalley +Acked-by: Eric Paris +Signed-off-by: James Morris +Signed-off-by: Greg Kroah-Hartman + +--- + security/selinux/hooks.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -1906,6 +1906,9 @@ static void selinux_bprm_post_apply_cred + spin_unlock_irq(¤t->sighand->siglock); + } + ++ /* Always clear parent death signal on SID transitions. */ ++ current->pdeath_signal = 0; ++ + /* Check whether the new SID can inherit resource limits + from the old SID. If not, reset all soft limits to + the lower of the current task's hard limit and the init diff --git a/queue-2.6.22/series b/queue-2.6.22/series index 18cc10cd32f..4f26007fb0f 100644 --- a/queue-2.6.22/series +++ b/queue-2.6.22/series @@ -8,3 +8,4 @@ i2c-algo-bit-read-block-data-bugfix.patch nlm-fix-a-circular-lock-dependency-in-lockd.patch fix-smp-poweroff-hangs.patch fix-timer_stats-printout-of-events-sec.patch +selinux-clear-parent-death-signal-on-sid-transitions.patch